Skip to content

Password-protected environments

Uffizzi allows you to configure a username and password for your Preview Environments to limit who has access to them. This feature is enabled per project, so anyone navigating to the URL of any Preview Environment of that project, either via a web browser or with a command like curl, must enter valid credentials to gain access. To configure this feature, you must be an account Owner.

Select your CI provider to begin set up:

Uffizzi CI ⬇
GitHub Actions ⬇

Configure password protection for Uffizzi CI

  1. In the Uffizzi Dashboard, navigate to your project, then select Project Settings > Password protection > Edit > Enabled (toggle).

    Click to expand

  2. Enter a username and password, then select Save.

Password protection will now be enabled for all environments belonging to this project, including any pre-existing environments. To access these Preview Environments, you can pass your credentials via the web browser or curl command.

Configure password protection for GitHub Actions

  1. In the Uffizzi Dashboard, navigate to your project, then select Project Settings > Password protection > Edit > Enabled (toggle).

    Click to expand

  2. Enter a username and password, then select Save.

  3. Store credentials as GitHub Actions secrets.
     
    In GitHub, navigate to your repository. Then select Settings > Secrets and variables > Actions > Secrets (tab) > New repository secret. (Be sure you add a new repository secret from the Secrets tab, not a new repository variable from the Variables tab). Add a secret name and value, then select Add secret.

    Click to expand

  4. Pass credentials as parameters in your preview job.
     
    If you are using the official Uffizzi preview action with the reusable workflow, you will also need to pass the environment username and password to the reusable workflow via url-username and url-password parameters. These credentials are used by the preview action (and Uffizzi) to perform health checks on your Preview Environments. You can see example usage here.  

    uffizzi-preview.yaml
    deploy-uffizzi-preview:
  name: Use Remote Workflow to Preview on Uffizzi
  needs: render-compose-file
  uses: UffizziCloud/preview-action/.github/workflows/reusable.yaml@v2.2.0
  if: ${{ github.event_name == 'pull_request' && github.event.action != 'closed' }}
  with:
    ...
  secrets:
    url-username: ${{ secrets.URL_USERNAME }}
    url-password: ${{ secrets.URL_PASSWORD }}
  permissions:
    ...

Password protection will now be enabled for all environments belonging to this project, including any pre-existing environments. To access these Preview Environments, you can pass your credentials via the web browser or curl command.

Access via web browser

If you visit the preview URL in a browser, you can enter the environment username and password in the http dialog window, as shown in the screenshot below. Select Log in to be redirected to the Preview Environment.

HTTP dialog window

Access via curl

You can access a password-protected environment via the curl command by passing the environment username and password as an argument. For example: 

curl -u "username:password" [PREVIEW_URL]

Note

The official Uffizzi preview action uses the curl command to check for successful deployments of Preview Environments. You can see how the Uffizzi preview action performs this check here.

Suggested articles