Rasa X can connect to a git repository only via an SSH URL but not HTTPS

We have built the basic model of a bot and want to deploy it for CDD and testing. The only roadblock we are facing is while connecting the bot to our GitLab repository.

Rasa X can connect to a git repository only via an SSH URL which is infeasible in our case because of company policies. The website states that for connection over HTTPS, subscription of Rasa enterprise is needed.

You are kindly requested to provide a solution to that as we don’t really need any other feature of the enterprise version of Rasa.

Also when I reached out to get a hang of the pricing of RASA X, this is the response I got.

Our Rasa Enterprise is a multi-year engagement targeted at Fortune 500 companies that scale in-house. From experience companies, your size and stage find everything they need in the freely available versions.

Hi @gaushh. Can you help me better understand why you have this company policy of not being able to use SSH?

The call to not allow SSH was taken by the security team of our organization. Is there any workaround to this? Else we won’t be able to use Rasa X with our bot. :scream_cat:

@gaushh Were there any specific reasons for this decision? Is it not possible to get an exemption? Thanks for taking the time to answer my questions. Your answers will help us make better product decisions.

I really want you to be able to use Rasa X. As you know, Integrated Version Control over HTTPS is a Rasa Enterprise feature. You are the first community member I have come across that has no need for other enterprise features and can’t use SSH, but maybe there are more :thinking:

Thanks for your prompt responses.

I don’t fully understand the reasoning behind the decision to restrict SSH. I’ll have a word with the server team about this and will get back to you in a few days.

@gaushh Thanks for looking into it :slight_smile:

@tyd I was told by IT team that allowing connection via SSH URL can sabotage the whole server in case of an attack. While HTTPS access can only influence the said repository.

Now, I am not technically equipped enough to validate these claims. Your insights regarding this are welcome. Also, it would be great if you can provide a solution to this. (Maybe by allowing access via HTTPS in community edition too. :see_no_evil:)