Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(git): insteadOf environment variables for authentication #11077

Merged
merged 5 commits into from
Oct 20, 2021
Merged

feat(git): insteadOf environment variables for authentication #11077

merged 5 commits into from
Oct 20, 2021

Conversation

Shegox
Copy link
Contributor

@Shegox Shegox commented Aug 3, 2021

Changes:

This PR uses the newly in git 2.31 introduced environment variables for authentication for go module updates (e.g. sum files).
The current change only replaces the existing functionality and provides a generic function to get authentication environment variables for git via getGitAuthenticatedEnvironmentVariables(gitUrl, token, environmentVariables).

Requires git cli >=2.31 to use GIT_CONFIG_ variables to provide the credentials as environment variables to the go get process, which then invokes git underneath.

Happy about any feedback :)

Context:

Fixes #11060

Part of enabling authenticated go module updates #7361

Documentation (please check one with an [x])

  • I have updated the documentation, or
  • No documentation update is required

How I've tested my work (please tick one)

I have verified these changes via:

  • Code inspection only, or
  • Newly added/modified unit tests, or
  • No unit tests but ran on a real repository, or
  • Both unit tests + ran on a real repository

@viceice
Copy link
Member

viceice commented Aug 3, 2021
edited
Loading

BTW: git v2.31.0 is from march 2021. so we should add a hint for self-hosted users.

renovate/docs/development/local-development.md

Line 13 in 8fac1fd

- Git

renovate/docs/usage/self-hosting.md

Line 1 in 36d37b3

# Self-Hosting Renovate

@rarkins
Copy link
Collaborator

rarkins commented Aug 4, 2021

I tried adding a git version detection previously and had to give up. Surely shouldn't be too hard. Maybe we could try with v26 and have an option to skip detection if it fails?

@Shegox
Copy link
Contributor Author

Shegox commented Aug 4, 2021

Yes, that could be an option. The worst happening is that git ignores the environment variables. Meaning that just the authentication forgo get -d fails, everything else keeps on working as currently.
But yeah it makes sense to at least log an error/warning message if it isn't supported.

@viceice
Copy link
Member

viceice commented Aug 4, 2021

I tried adding a git version detection previously and had to give up. Surely shouldn't be too hard. Maybe we could try with v26 and have an option to skip detection if it fails?

I know, it's on my to-do list. Will check what's going wrong on your branch.

@rarkins
Copy link
Collaborator

rarkins commented Aug 4, 2021

Yes, that could be an option. The worst happening is that git ignores the environment variables. Meaning that just the authentication forgo get -d fails, everything else keeps on working as currently.
But yeah it makes sense to at least log an error/warning message if it isn't supported.

Because the failure is therefore graceful, I'm ok with merging this without adding logic to check/warn about git, because that's not for go modules only.

However if Go Modules auth was working before with a certain version of git but then stop working in a newer version of Renovate, I think that's probably best to go into v26 as a breaking change so that it's less likely to be missed.

@rarkins rarkins mentioned this pull request Aug 30, 2021
Open
@Shegox
Copy link
Contributor Author

Shegox commented Oct 19, 2021

@rarkins and @viceice I took the time to rebase my changes.
Since nowadays git >=2.33 is anyway required this (requiring git >=2.31) should no longer be a breaking change and good to be reviewed.

@viceice viceice changed the title chore(git): switch from git config command to environment variables for authentication feat(git): switch from git config command to environment variables for authentication Oct 19, 2021
viceice
viceice reviewed Oct 19, 2021
View reviewed changes
lib/util/git/auth.spec.ts Outdated Show resolved Hide resolved
lib/util/git/auth.spec.ts Outdated Show resolved Hide resolved
lib/util/git/auth.ts Outdated Show resolved Hide resolved
@viceice
Copy link
Member

viceice commented Oct 20, 2021

Please use re-request review buttons when you like to have a new review 😉
image

@Shegox Shegox requested review from viceice and rarkins October 20, 2021 07:21
@rarkins rarkins changed the title feat(git): switch from git config command to environment variables for authentication feat(git): insetadOf environment variables for authentication Oct 20, 2021
@rarkins rarkins changed the title feat(git): insetadOf environment variables for authentication feat(git): insteadOf environment variables for authentication Oct 20, 2021
@rarkins rarkins merged commit 15dd2fc into renovatebot:main Oct 20, 2021
@renovate-release
Copy link
Collaborator

🎉 This PR is included in version 28.3.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

@Shegox Shegox mentioned this pull request Oct 20, 2021
Merged
11 tasks
@rarkins rarkins mentioned this pull request Oct 27, 2021
Closed
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 20, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@rarkins rarkins rarkins left review comments

@viceice viceice viceice approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Refactor: use env to pass credentials to go get
4 participants
@Shegox @viceice @rarkins @renovate-release