Add -k flag and https to 2 examples #933
Conversation
| @@ -69,7 +69,7 @@ For a list of the available settings, see [the `/setup/api/settings` endpoint](# | |||
| ### Example | |||
|
|
|||
| ``` command-line | |||
| $ curl -L -X POST 'http://<em>hostname</em>:<em>admin_port</em>/setup/api/start' -F license=@<em>/path/to/github-enterprise.ghl</em> -F "password=<em>your-amazing-password</em>" -F settings=<<em>/path/to/settings.json</em> | |||
| $ curl -L -X -k POST 'https://<em>hostname</em>:<em>admin_port</em>/setup/api/start' -F license=@<em>/path/to/github-enterprise.ghl</em> -F "password=<em>your-amazing-password</em>" -F settings=<<em>/path/to/settings.json</em> | |||
There was a problem hiding this comment.
I think the flag order might matter here since POST is an argument to -X. Should this be -X POST -k ...?
| @@ -69,7 +69,7 @@ For a list of the available settings, see [the `/setup/api/settings` endpoint](# | |||
| ### Example | |||
|
|
|||
| ``` command-line | |||
| $ curl -L -X POST 'http://<em>hostname</em>:<em>admin_port</em>/setup/api/start' -F license=@<em>/path/to/github-enterprise.ghl</em> -F "password=<em>your-amazing-password</em>" -F settings=<<em>/path/to/settings.json</em> | |||
| $ curl -L -X POST -k 'https://<em>hostname</em>:<em>admin_port</em>/setup/api/start' -F license=@<em>/path/to/github-enterprise.ghl</em> -F "password=<em>your-amazing-password</em>" -F settings=<<em>/path/to/settings.json</em> | |||
There was a problem hiding this comment.
Is allowing insecure connections something you'd want to promote via documentation? Passing in the -k flag will ignore any SSL warnings (such as mismatching certificates) and allow the connection to proceed anyway which has some potential security concerns. Personally, if I was sending my GitHub license or credentials across the wire I'd definitely like to ensure the host I am connecting to is who I intend it to be. However, on the flip side of that, I do realise a lot of places that setup on their internal network won't bother with valid certificates so ¯\_(ツ)_/¯.
There was a problem hiding this comment.
@jacobbednarz GitHub Enterprise provides a self-signed certificate. For many, I assume the lack of -k blocks these admins from using curl to work with the API.
There was a problem hiding this comment.
Enterprise customers should configure a proper certificate though and that is strongly recommended. I would be in favor of not adding -k and only add a comment for using it if absolutely necessary. Always adding as a blanket solution is not a good idea.
There was a problem hiding this comment.
👍 I think adding a comment explaining the -k option is the right approach.
I just tested it; looks like I did not pass If you could change the other examples to |
| @@ -47,6 +47,8 @@ When using this endpoint, your Enterprise instance must have a password set. Thi | |||
| 1. If you're working directly with the API before accessing the web interface, you must pass in the password parameter to set your password. | |||
| 2. If you set up your instance via the web interface before accessing the API, your calls to this endpoint do not need the password parameter. | |||
|
|
|||
| You may also need to use the `-k` flag, as GitHub Enterprise uses a self-signed certificate before you [enable your own SSL certificate](https://help.github.com/enterprise/admin/guides/installation/dns-hostname-subdomain-isolation-and-ssl/#ssl). | |||
There was a problem hiding this comment.
I would make it clear that the -k flag applies to using curl.
|
I've added a note about needing the -k flag and updated http to https in the examples. @pengwynn @github/docs-platform @github/copy is this 👍 to merge? |
| @@ -47,6 +47,8 @@ When using this endpoint, your Enterprise instance must have a password set. Thi | |||
| 1. If you're working directly with the API before accessing the web interface, you must pass in the password parameter to set your password. | |||
| 2. If you set up your instance via the web interface before accessing the API, your calls to this endpoint do not need the password parameter. | |||
|
|
|||
| You may also need to add the `-k` flag when using `curl`, since GitHub Enterprise uses a self-signed certificate before you [add your own SSL certificate](https://help.github.com/enterprise/admin/guides/installation/dns-hostname-subdomain-isolation-and-ssl/#ssl). | |||
There was a problem hiding this comment.
@mellybess I would add a small bit about what the -k flag does or at least add a link to http://curl.haxx.se/docs/manpage.html#-k (not sure if linking out to external pages in these docs is cool or not).
Also since this tip applies when using any self-signed certificate it could apply to all endpoints. I'm wondering if it would make sense to move it up towards the top of the document after the tip section.
Add -k flag and https to 2 examples
In a recent customer question (in Front, so no thread available 😦) @davideg @brainstarr and I found that the example commands were missing a
-kflag, and needed to be via https. The steps we documented for the customer are here.I'm not sure if this needs to be updated for each example on the page, but I can test that if needed.
I also removed a version number from a link to the Enterprise docs so that it redirects to the latest version.
/cc @github/api, @github/docs-platform, and @github/copy