Skip to content
Snippets Groups Projects
Unverified Commit 2eadd19a authored by Nils Plaschke's avatar Nils Plaschke Committed by GitHub
Browse files

feat: add additional git authentication rules (#13477) 


* feat: add additional git authentication rules

* feat: refactor and add additional test cases

* fix: add git envs to gomod tests

* chore: revert function renaming

* chore: use interface instead of type

* chore: add test for different protocol

* chore: add typed import

* fix: do not use quotes, it breaks the docker sidecar

* chore: use correct quotes

* chore: incorporate feedback

* chore: lint files

Co-authored-by: default avatarMichael Kriese <michael.kriese@visualon.de>
Co-authored-by: default avatarRhys Arkins <rhys@arkins.net>
parent ead221dd
Branches
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
lib/manager/gomod/__snapshots__/artifacts.spec.ts.snap
+ 8
4
View file @ 2eadd19a
......@@ -279,15 +279,19 @@ Array [
},
},
Object {
"cmd": "docker run --rm --name=renovate_go --label=renovate_child -v \\"/tmp/github/some/repo\\":\\"/tmp/github/some/repo\\" -v \\"/tmp/renovate/cache\\":\\"/tmp/renovate/cache\\" -e GOPROXY -e GOPRIVATE -e GONOPROXY -e GONOSUMDB -e GOFLAGS -e CGO_ENABLED -e GIT_CONFIG_KEY_0 -e GIT_CONFIG_VALUE_0 -e GIT_CONFIG_COUNT -w \\"/tmp/github/some/repo\\" renovate/go:latest bash -l -c \\"go get -d -t ./...\\"",
"cmd": "docker run --rm --name=renovate_go --label=renovate_child -v \\"/tmp/github/some/repo\\":\\"/tmp/github/some/repo\\" -v \\"/tmp/renovate/cache\\":\\"/tmp/renovate/cache\\" -e GOPROXY -e GOPRIVATE -e GONOPROXY -e GONOSUMDB -e GOFLAGS -e CGO_ENABLED -e GIT_CONFIG_KEY_0 -e GIT_CONFIG_VALUE_0 -e GIT_CONFIG_KEY_1 -e GIT_CONFIG_VALUE_1 -e GIT_CONFIG_KEY_2 -e GIT_CONFIG_VALUE_2 -e GIT_CONFIG_COUNT -w \\"/tmp/github/some/repo\\" renovate/go:latest bash -l -c \\"go get -d -t ./...\\"",
"options": Object {
"cwd": "/tmp/github/some/repo",
"encoding": "utf-8",
"env": Object {
"CGO_ENABLED": "1",
"GIT_CONFIG_COUNT": "1",
"GIT_CONFIG_KEY_0": "url.https://some-token@github.com/.insteadOf",
"GIT_CONFIG_VALUE_0": "https://github.com/",
"GIT_CONFIG_COUNT": "3",
"GIT_CONFIG_KEY_0": "url.\\"https://ssh:some-token@github.com/\\".insteadOf",
"GIT_CONFIG_KEY_1": "url.\\"https://git:some-token@github.com/\\".insteadOf",
"GIT_CONFIG_KEY_2": "url.\\"https://some-token@github.com/\\".insteadOf",
"GIT_CONFIG_VALUE_0": "ssh://git@github.com/",
"GIT_CONFIG_VALUE_1": "git@github.com:",
"GIT_CONFIG_VALUE_2": "https://github.com/",
"GOFLAGS": "-modcacherw",
"GONOPROXY": "noproxy.example.com/*",
"GONOSUMDB": "1",
......
lib/manager/gomod/artifacts.spec.ts
+ 97
28
View file @ 2eadd19a
......@@ -246,12 +246,25 @@ describe('manager/gomod/artifacts', () => {
expect.objectContaining({
options: expect.objectContaining({
env: expect.objectContaining({
GIT_CONFIG_COUNT: '2',
GIT_CONFIG_KEY_0: 'url.https://some-token@github.com/.insteadOf',
GIT_CONFIG_COUNT: '6',
GIT_CONFIG_KEY_0:
'url."https://ssh:some-token@github.com/".insteadOf',
GIT_CONFIG_KEY_1:
'url.https://some-enterprise-token@github.enterprise.com/.insteadOf',
GIT_CONFIG_VALUE_0: 'https://github.com/',
GIT_CONFIG_VALUE_1: 'https://github.enterprise.com/',
'url."https://git:some-token@github.com/".insteadOf',
GIT_CONFIG_KEY_2:
'url."https://some-token@github.com/".insteadOf',
GIT_CONFIG_KEY_3:
'url."https://ssh:some-enterprise-token@github.enterprise.com/".insteadOf',
GIT_CONFIG_KEY_4:
'url."https://git:some-enterprise-token@github.enterprise.com/".insteadOf',
GIT_CONFIG_KEY_5:
'url."https://some-enterprise-token@github.enterprise.com/".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@github.com/',
GIT_CONFIG_VALUE_1: 'git@github.com:',
GIT_CONFIG_VALUE_2: 'https://github.com/',
GIT_CONFIG_VALUE_3: 'ssh://git@github.enterprise.com/',
GIT_CONFIG_VALUE_4: 'git@github.enterprise.com:',
GIT_CONFIG_VALUE_5: 'https://github.enterprise.com/',
}),
}),
}),
......@@ -288,10 +301,16 @@ describe('manager/gomod/artifacts', () => {
expect.objectContaining({
options: expect.objectContaining({
env: expect.objectContaining({
GIT_CONFIG_COUNT: '1',
GIT_CONFIG_COUNT: '3',
GIT_CONFIG_KEY_0:
'url.https://gitlab-ci-token:some-enterprise-token@gitlab.enterprise.com/.insteadOf',
GIT_CONFIG_VALUE_0: 'https://gitlab.enterprise.com/',
'url."https://gitlab-ci-token:some-enterprise-token@gitlab.enterprise.com/".insteadOf',
GIT_CONFIG_KEY_1:
'url."https://gitlab-ci-token:some-enterprise-token@gitlab.enterprise.com/".insteadOf',
GIT_CONFIG_KEY_2:
'url."https://gitlab-ci-token:some-enterprise-token@gitlab.enterprise.com/".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@gitlab.enterprise.com/',
GIT_CONFIG_VALUE_1: 'git@gitlab.enterprise.com:',
GIT_CONFIG_VALUE_2: 'https://gitlab.enterprise.com/',
}),
}),
}),
......@@ -333,13 +352,25 @@ describe('manager/gomod/artifacts', () => {
expect.objectContaining({
options: expect.objectContaining({
env: expect.objectContaining({
GIT_CONFIG_COUNT: '2',
GIT_CONFIG_COUNT: '6',
GIT_CONFIG_KEY_0:
'url.https://gitlab-ci-token:some-enterprise-token-repo1@gitlab.enterprise.com/repo1.insteadOf',
'url."https://gitlab-ci-token:some-enterprise-token-repo1@gitlab.enterprise.com/repo1".insteadOf',
GIT_CONFIG_KEY_1:
'url.https://gitlab-ci-token:some-enterprise-token-repo2@gitlab.enterprise.com/repo2.insteadOf',
GIT_CONFIG_VALUE_0: 'https://gitlab.enterprise.com/repo1',
GIT_CONFIG_VALUE_1: 'https://gitlab.enterprise.com/repo2',
'url."https://gitlab-ci-token:some-enterprise-token-repo1@gitlab.enterprise.com/repo1".insteadOf',
GIT_CONFIG_KEY_2:
'url."https://gitlab-ci-token:some-enterprise-token-repo1@gitlab.enterprise.com/repo1".insteadOf',
GIT_CONFIG_KEY_3:
'url."https://gitlab-ci-token:some-enterprise-token-repo2@gitlab.enterprise.com/repo2".insteadOf',
GIT_CONFIG_KEY_4:
'url."https://gitlab-ci-token:some-enterprise-token-repo2@gitlab.enterprise.com/repo2".insteadOf',
GIT_CONFIG_KEY_5:
'url."https://gitlab-ci-token:some-enterprise-token-repo2@gitlab.enterprise.com/repo2".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@gitlab.enterprise.com/repo1',
GIT_CONFIG_VALUE_1: 'git@gitlab.enterprise.com:repo1',
GIT_CONFIG_VALUE_2: 'https://gitlab.enterprise.com/repo1',
GIT_CONFIG_VALUE_3: 'ssh://git@gitlab.enterprise.com/repo2',
GIT_CONFIG_VALUE_4: 'git@gitlab.enterprise.com:repo2',
GIT_CONFIG_VALUE_5: 'https://gitlab.enterprise.com/repo2',
}),
}),
}),
......@@ -381,10 +412,16 @@ describe('manager/gomod/artifacts', () => {
expect.objectContaining({
options: expect.objectContaining({
env: expect.objectContaining({
GIT_CONFIG_COUNT: '1',
GIT_CONFIG_COUNT: '3',
GIT_CONFIG_KEY_0:
'url.https://gitlab-ci-token:some-gitlab-token@gitlab.enterprise.com/.insteadOf',
GIT_CONFIG_VALUE_0: 'https://gitlab.enterprise.com/',
'url."https://gitlab-ci-token:some-gitlab-token@gitlab.enterprise.com/".insteadOf',
GIT_CONFIG_KEY_1:
'url."https://gitlab-ci-token:some-gitlab-token@gitlab.enterprise.com/".insteadOf',
GIT_CONFIG_KEY_2:
'url."https://gitlab-ci-token:some-gitlab-token@gitlab.enterprise.com/".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@gitlab.enterprise.com/',
GIT_CONFIG_VALUE_1: 'git@gitlab.enterprise.com:',
GIT_CONFIG_VALUE_2: 'https://gitlab.enterprise.com/',
}),
}),
}),
......@@ -434,18 +471,43 @@ describe('manager/gomod/artifacts', () => {
expect.objectContaining({
options: expect.objectContaining({
env: expect.objectContaining({
GIT_CONFIG_COUNT: '4',
GIT_CONFIG_KEY_0: 'url.https://some-token@github.com/.insteadOf',
GIT_CONFIG_COUNT: '12',
GIT_CONFIG_KEY_0:
'url."https://ssh:some-token@github.com/".insteadOf',
GIT_CONFIG_KEY_1:
'url.https://some-token@api.github.com/.insteadOf',
'url."https://git:some-token@github.com/".insteadOf',
GIT_CONFIG_KEY_2:
'url.https://some-enterprise-token@github.enterprise.com/.insteadOf',
'url."https://some-token@github.com/".insteadOf',
GIT_CONFIG_KEY_3:
'url.https://gitlab-ci-token:some-gitlab-token@gitlab.enterprise.com/.insteadOf',
GIT_CONFIG_VALUE_0: 'https://github.com/',
GIT_CONFIG_VALUE_1: 'https://api.github.com/',
GIT_CONFIG_VALUE_2: 'https://github.enterprise.com/',
GIT_CONFIG_VALUE_3: 'https://gitlab.enterprise.com/',
'url."https://ssh:some-token@api.github.com/".insteadOf',
GIT_CONFIG_KEY_4:
'url."https://git:some-token@api.github.com/".insteadOf',
GIT_CONFIG_KEY_5:
'url."https://some-token@api.github.com/".insteadOf',
GIT_CONFIG_KEY_6:
'url."https://ssh:some-enterprise-token@github.enterprise.com/".insteadOf',
GIT_CONFIG_KEY_7:
'url."https://git:some-enterprise-token@github.enterprise.com/".insteadOf',
GIT_CONFIG_KEY_8:
'url."https://some-enterprise-token@github.enterprise.com/".insteadOf',
GIT_CONFIG_KEY_9:
'url."https://gitlab-ci-token:some-gitlab-token@gitlab.enterprise.com/".insteadOf',
GIT_CONFIG_KEY_10:
'url."https://gitlab-ci-token:some-gitlab-token@gitlab.enterprise.com/".insteadOf',
GIT_CONFIG_KEY_11:
'url."https://gitlab-ci-token:some-gitlab-token@gitlab.enterprise.com/".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@github.com/',
GIT_CONFIG_VALUE_1: 'git@github.com:',
GIT_CONFIG_VALUE_2: 'https://github.com/',
GIT_CONFIG_VALUE_3: 'ssh://git@api.github.com/',
GIT_CONFIG_VALUE_4: 'git@api.github.com:',
GIT_CONFIG_VALUE_5: 'https://api.github.com/',
GIT_CONFIG_VALUE_6: 'ssh://git@github.enterprise.com/',
GIT_CONFIG_VALUE_7: 'git@github.enterprise.com:',
GIT_CONFIG_VALUE_8: 'https://github.enterprise.com/',
GIT_CONFIG_VALUE_9: 'ssh://git@gitlab.enterprise.com/',
GIT_CONFIG_VALUE_10: 'git@gitlab.enterprise.com:',
GIT_CONFIG_VALUE_11: 'https://gitlab.enterprise.com/',
}),
}),
}),
......@@ -485,9 +547,16 @@ describe('manager/gomod/artifacts', () => {
expect.objectContaining({
options: expect.objectContaining({
env: expect.objectContaining({
GIT_CONFIG_COUNT: '1',
GIT_CONFIG_KEY_0: 'url.https://some-token@github.com/.insteadOf',
GIT_CONFIG_VALUE_0: 'https://github.com/',
GIT_CONFIG_COUNT: '3',
GIT_CONFIG_KEY_0:
'url."https://ssh:some-token@github.com/".insteadOf',
GIT_CONFIG_KEY_1:
'url."https://git:some-token@github.com/".insteadOf',
GIT_CONFIG_KEY_2:
'url."https://some-token@github.com/".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@github.com/',
GIT_CONFIG_VALUE_1: 'git@github.com:',
GIT_CONFIG_VALUE_2: 'https://github.com/',
}),
}),
}),
......
lib/util/git/auth.spec.ts
+ 161
24
View file @ 2eadd19a
......@@ -14,9 +14,31 @@ describe('util/git/auth', () => {
matchHost: 'github.com',
})
).toStrictEqual({
GIT_CONFIG_KEY_0: 'url.https://token1234@github.com/.insteadOf',
GIT_CONFIG_VALUE_0: 'https://github.com/',
GIT_CONFIG_COUNT: '1',
GIT_CONFIG_COUNT: '3',
GIT_CONFIG_KEY_0: 'url."https://ssh:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_1: 'url."https://git:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_2: 'url."https://token1234@github.com/".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@github.com/',
GIT_CONFIG_VALUE_1: 'git@github.com:',
GIT_CONFIG_VALUE_2: 'https://github.com/',
});
});
it('returns url with token for different protocols', () => {
expect(
getGitAuthenticatedEnvironmentVariables('foobar://github.com/', {
token: 'token1234',
hostType: PlatformId.Github,
matchHost: 'github.com',
})
).toStrictEqual({
GIT_CONFIG_COUNT: '3',
GIT_CONFIG_KEY_0: 'url."https://ssh:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_1: 'url."https://git:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_2: 'url."https://token1234@github.com/".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@github.com/',
GIT_CONFIG_VALUE_1: 'git@github.com:',
GIT_CONFIG_VALUE_2: 'https://github.com/',
});
});
......@@ -28,10 +50,16 @@ describe('util/git/auth', () => {
matchHost: 'github.com',
})
).toStrictEqual({
GIT_CONFIG_COUNT: '3',
GIT_CONFIG_KEY_0:
'url.https://x-access-token:token1234@github.com/.insteadOf',
GIT_CONFIG_VALUE_0: 'https://github.com/',
GIT_CONFIG_COUNT: '1',
'url."https://x-access-token:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_1:
'url."https://x-access-token:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_2:
'url."https://x-access-token:token1234@github.com/".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@github.com/',
GIT_CONFIG_VALUE_1: 'git@github.com:',
GIT_CONFIG_VALUE_2: 'https://github.com/',
});
});
......@@ -47,9 +75,13 @@ describe('util/git/auth', () => {
{ GIT_CONFIG_COUNT: '1' }
)
).toStrictEqual({
GIT_CONFIG_KEY_1: 'url.https://token1234@github.com/.insteadOf',
GIT_CONFIG_VALUE_1: 'https://github.com/',
GIT_CONFIG_COUNT: '2',
GIT_CONFIG_COUNT: '4',
GIT_CONFIG_KEY_1: 'url."https://ssh:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_2: 'url."https://git:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_3: 'url."https://token1234@github.com/".insteadOf',
GIT_CONFIG_VALUE_1: 'ssh://git@github.com/',
GIT_CONFIG_VALUE_2: 'git@github.com:',
GIT_CONFIG_VALUE_3: 'https://github.com/',
});
});
......@@ -66,9 +98,13 @@ describe('util/git/auth', () => {
{ GIT_CONFIG_COUNT: '1' }
)
).toStrictEqual({
GIT_CONFIG_KEY_1: 'url.https://token1234@github.com/.insteadOf',
GIT_CONFIG_VALUE_1: 'https://github.com/',
GIT_CONFIG_COUNT: '2',
GIT_CONFIG_COUNT: '4',
GIT_CONFIG_KEY_1: 'url."https://ssh:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_2: 'url."https://git:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_3: 'url."https://token1234@github.com/".insteadOf',
GIT_CONFIG_VALUE_1: 'ssh://git@github.com/',
GIT_CONFIG_VALUE_2: 'git@github.com:',
GIT_CONFIG_VALUE_3: 'https://github.com/',
});
});
......@@ -81,9 +117,13 @@ describe('util/git/auth', () => {
matchHost: 'github.com',
})
).toStrictEqual({
GIT_CONFIG_KEY_1: 'url.https://token1234@github.com/.insteadOf',
GIT_CONFIG_VALUE_1: 'https://github.com/',
GIT_CONFIG_COUNT: '2',
GIT_CONFIG_COUNT: '4',
GIT_CONFIG_KEY_1: 'url."https://ssh:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_2: 'url."https://git:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_3: 'url."https://token1234@github.com/".insteadOf',
GIT_CONFIG_VALUE_1: 'ssh://git@github.com/',
GIT_CONFIG_VALUE_2: 'git@github.com:',
GIT_CONFIG_VALUE_3: 'https://github.com/',
});
});
......@@ -99,9 +139,13 @@ describe('util/git/auth', () => {
{ RANDOM_VARIABLE: 'random' }
)
).toStrictEqual({
GIT_CONFIG_KEY_0: 'url.https://token1234@github.com/.insteadOf',
GIT_CONFIG_VALUE_0: 'https://github.com/',
GIT_CONFIG_COUNT: '1',
GIT_CONFIG_COUNT: '3',
GIT_CONFIG_KEY_0: 'url."https://ssh:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_1: 'url."https://git:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_2: 'url."https://token1234@github.com/".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@github.com/',
GIT_CONFIG_VALUE_1: 'git@github.com:',
GIT_CONFIG_VALUE_2: 'https://github.com/',
RANDOM_VARIABLE: 'random',
});
});
......@@ -115,9 +159,13 @@ describe('util/git/auth', () => {
matchHost: 'github.com',
})
).toStrictEqual({
GIT_CONFIG_KEY_0: 'url.https://token1234@github.com/.insteadOf',
GIT_CONFIG_VALUE_0: 'https://github.com/',
GIT_CONFIG_COUNT: '1',
GIT_CONFIG_COUNT: '3',
GIT_CONFIG_KEY_0: 'url."https://ssh:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_1: 'url."https://git:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_2: 'url."https://token1234@github.com/".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@github.com/',
GIT_CONFIG_VALUE_1: 'git@github.com:',
GIT_CONFIG_VALUE_2: 'https://github.com/',
});
});
......@@ -129,10 +177,16 @@ describe('util/git/auth', () => {
matchHost: 'github.com',
})
).toStrictEqual({
GIT_CONFIG_COUNT: '3',
GIT_CONFIG_KEY_0:
'url.https://gitlab-ci-token:token1234@gitlab.com/.insteadOf',
GIT_CONFIG_VALUE_0: 'https://gitlab.com/',
GIT_CONFIG_COUNT: '1',
'url."https://gitlab-ci-token:token1234@gitlab.com/".insteadOf',
GIT_CONFIG_KEY_1:
'url."https://gitlab-ci-token:token1234@gitlab.com/".insteadOf',
GIT_CONFIG_KEY_2:
'url."https://gitlab-ci-token:token1234@gitlab.com/".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@gitlab.com/',
GIT_CONFIG_VALUE_1: 'git@gitlab.com:',
GIT_CONFIG_VALUE_2: 'https://gitlab.com/',
});
});
......@@ -152,5 +206,88 @@ describe('util/git/auth', () => {
env: 'value',
});
});
it('returns url with token for http hosts', () => {
expect(
getGitAuthenticatedEnvironmentVariables('http://github.com/', {
token: 'token1234',
hostType: PlatformId.Github,
matchHost: 'github.com',
})
).toStrictEqual({
GIT_CONFIG_COUNT: '3',
GIT_CONFIG_KEY_0: 'url."http://ssh:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_1: 'url."http://git:token1234@github.com/".insteadOf',
GIT_CONFIG_KEY_2: 'url."http://token1234@github.com/".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@github.com/',
GIT_CONFIG_VALUE_1: 'git@github.com:',
GIT_CONFIG_VALUE_2: 'http://github.com/',
});
});
it('returns url with token for orgs', () => {
expect(
getGitAuthenticatedEnvironmentVariables('https://github.com/org', {
token: 'token1234',
hostType: PlatformId.Github,
matchHost: 'github.com',
})
).toStrictEqual({
GIT_CONFIG_COUNT: '3',
GIT_CONFIG_KEY_0:
'url."https://ssh:token1234@github.com/org".insteadOf',
GIT_CONFIG_KEY_1:
'url."https://git:token1234@github.com/org".insteadOf',
GIT_CONFIG_KEY_2: 'url."https://token1234@github.com/org".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@github.com/org',
GIT_CONFIG_VALUE_1: 'git@github.com:org',
GIT_CONFIG_VALUE_2: 'https://github.com/org',
});
});
it('returns url with token for orgs and projects', () => {
expect(
getGitAuthenticatedEnvironmentVariables('https://github.com/org/repo', {
token: 'token1234',
hostType: PlatformId.Github,
matchHost: 'github.com',
})
).toStrictEqual({
GIT_CONFIG_COUNT: '3',
GIT_CONFIG_KEY_0:
'url."https://ssh:token1234@github.com/org/repo".insteadOf',
GIT_CONFIG_KEY_1:
'url."https://git:token1234@github.com/org/repo".insteadOf',
GIT_CONFIG_KEY_2:
'url."https://token1234@github.com/org/repo".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@github.com/org/repo',
GIT_CONFIG_VALUE_1: 'git@github.com:org/repo',
GIT_CONFIG_VALUE_2: 'https://github.com/org/repo',
});
});
it('returns url with token for orgs and projects and ports', () => {
expect(
getGitAuthenticatedEnvironmentVariables(
'https://github.com:89/org/repo.git',
{
token: 'token1234',
hostType: PlatformId.Github,
matchHost: 'github.com',
}
)
).toStrictEqual({
GIT_CONFIG_COUNT: '3',
GIT_CONFIG_KEY_0:
'url."https://ssh:token1234@github.com:89/org/repo.git".insteadOf',
GIT_CONFIG_KEY_1:
'url."https://git:token1234@github.com:89/org/repo.git".insteadOf',
GIT_CONFIG_KEY_2:
'url."https://token1234@github.com:89/org/repo.git".insteadOf',
GIT_CONFIG_VALUE_0: 'ssh://git@github.com:89/org/repo.git',
GIT_CONFIG_VALUE_1: 'ssh://git@github.com:89/org/repo.git',
GIT_CONFIG_VALUE_2: 'https://github.com:89/org/repo.git',
});
});
});
});
lib/util/git/auth.ts
+ 70
13
View file @ 2eadd19a
import gitUrlParse from 'git-url-parse';
import { PlatformId } from '../../constants';
import { logger } from '../../logger';
import type { HostRule } from '../../types';
import { getHttpUrl } from './url';
import { regEx } from '../regex';
import type { AuthenticationRule } from './types';
/**
* Add authorization to a Git Url and returns a new environment variables object
* @returns a new NodeJS.ProcessEnv object without modifying any input parameters
*/
export function getGitAuthenticatedEnvironmentVariables(
gitUrl: string,
originalGitUrl: string,
{ token, hostType, matchHost }: HostRule,
environmentVariables?: NodeJS.ProcessEnv
): NodeJS.ProcessEnv {
......@@ -34,28 +36,83 @@ export function getGitAuthenticatedEnvironmentVariables(
}
}
const gitUrlWithToken = getUrlWithToken(gitUrl, hostType, token);
const authenticationRules = getAuthenticationRulesWithToken(
originalGitUrl,
hostType,
token
);
// create a shallow copy of the environmentVariables as base so we don't modify the input parameter object
// add the two new config key and value to the returnEnvironmentVariables object
// increase the CONFIG_COUNT by one and add it to the object
return {
// increase the CONFIG_COUNT by one for each rule and add it to the object
const newEnvironmentVariables = {
...environmentVariables,
[`GIT_CONFIG_KEY_${gitConfigCount}`]: `url.${gitUrlWithToken}.insteadOf`,
[`GIT_CONFIG_VALUE_${gitConfigCount}`]: gitUrl,
GIT_CONFIG_COUNT: (gitConfigCount + 1).toString(),
};
for (const rule of authenticationRules) {
newEnvironmentVariables[
`GIT_CONFIG_KEY_${gitConfigCount}`
] = `url."${rule.url}".insteadOf`;
newEnvironmentVariables[`GIT_CONFIG_VALUE_${gitConfigCount}`] =
rule.insteadOf;
gitConfigCount++;
}
newEnvironmentVariables['GIT_CONFIG_COUNT'] = gitConfigCount.toString();
function getUrlWithToken(
gitUrl: string,
return newEnvironmentVariables;
}
function getAuthenticationRulesWithToken(
url: string,
hostType: string,
authToken: string
): string {
): AuthenticationRule[] {
let token = authToken;
if (hostType === PlatformId.Gitlab) {
token = `gitlab-ci-token:${token}`;
token = `gitlab-ci-token:${authToken}`;
}
return getAuthenticationRules(url, token);
}
return getHttpUrl(gitUrl, token);
/**
* Generates the authentication rules for later git usage for the given host
* @link https://coolaj86.com/articles/vanilla-devops-git-credentials-cheatsheet/
*/
export function getAuthenticationRules(
gitUrl: string,
token: string
): AuthenticationRule[] {
const authenticationRules = [];
const hasUser = token.split(':').length > 1;
const insteadUrl = gitUrlParse(gitUrl);
const url = { ...insteadUrl };
const protocol = regEx(/^https?$/).test(url.protocol)
? url.protocol
: 'https';
// ssh protocol with user if empty
url.token = hasUser ? token : `ssh:${token}`;
authenticationRules.push({
url: url.toString(protocol),
// only edge case, need to stringify ourself because the exact syntax is not supported by the library
// https://github.com/IonicaBizau/git-url-parse/blob/246c9119fb42c2ea1c280028fe77c53eb34c190c/lib/index.js#L246
insteadOf: `ssh://git@${insteadUrl.resource}${
insteadUrl.port ? `:${insteadUrl.port}` : ''
}/${insteadUrl.full_name}${insteadUrl.git_suffix ? '.git' : ''}`,
});
// alternative ssh protocol with user if empty
url.token = hasUser ? token : `git:${token}`;
authenticationRules.push({
url: url.toString(protocol),
insteadOf: insteadUrl.toString('ssh'),
});
// https protocol with no user as default fallback
url.token = token;
authenticationRules.push({
url: url.toString(protocol),
insteadOf: insteadUrl.toString(protocol),
});
return authenticationRules;
}
lib/util/git/types.ts
+ 9
0
View file @ 2eadd19a
......@@ -96,3 +96,12 @@ export interface CommitResult {
sha: string;
files: FileChange[];
}
/**
* Represents a git authentication rule in the form of e.g.:
* git config --global url."https://api@github.com/".insteadOf "https://github.com/"
*/
export interface AuthenticationRule {
url: string;
insteadOf: string;
}
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment