persist core.sshCommand for submodules
This commit is contained in:
parent
b2e6b7ed13
commit
518a867127
@ -437,14 +437,74 @@ describe('git-auth-helper tests', () => {
|
||||
}
|
||||
)
|
||||
|
||||
const configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeyNotSet =
|
||||
'configureSubmoduleAuth configures token when persist credentials true and SSH key not set'
|
||||
const configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeyNotSet =
|
||||
'configureSubmoduleAuth configures submodules when persist credentials false and SSH key not set'
|
||||
it(
|
||||
configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeyNotSet,
|
||||
configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeyNotSet,
|
||||
async () => {
|
||||
// Arrange
|
||||
await setup(
|
||||
configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeyNotSet
|
||||
configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeyNotSet
|
||||
)
|
||||
settings.persistCredentials = false
|
||||
settings.sshKey = ''
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
await authHelper.configureAuth()
|
||||
const mockSubmoduleForeach = git.submoduleForeach as jest.Mock<any, any>
|
||||
mockSubmoduleForeach.mockClear() // reset calls
|
||||
|
||||
// Act
|
||||
await authHelper.configureSubmoduleAuth()
|
||||
|
||||
// Assert
|
||||
expect(mockSubmoduleForeach).toBeCalledTimes(1)
|
||||
expect(mockSubmoduleForeach.mock.calls[0][0] as string).toMatch(
|
||||
/unset-all.*insteadOf/
|
||||
)
|
||||
}
|
||||
)
|
||||
|
||||
const configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeySet =
|
||||
'configureSubmoduleAuth configures submodules when persist credentials false and SSH key set'
|
||||
it(
|
||||
configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeySet,
|
||||
async () => {
|
||||
if (!sshPath) {
|
||||
process.stdout.write(
|
||||
`Skipped test "${configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeySet}". Executable 'ssh' not found in the PATH.\n`
|
||||
)
|
||||
return
|
||||
}
|
||||
|
||||
// Arrange
|
||||
await setup(
|
||||
configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeySet
|
||||
)
|
||||
settings.persistCredentials = false
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
await authHelper.configureAuth()
|
||||
const mockSubmoduleForeach = git.submoduleForeach as jest.Mock<any, any>
|
||||
mockSubmoduleForeach.mockClear() // reset calls
|
||||
|
||||
// Act
|
||||
await authHelper.configureSubmoduleAuth()
|
||||
|
||||
// Assert
|
||||
expect(mockSubmoduleForeach).toHaveBeenCalledTimes(1)
|
||||
expect(mockSubmoduleForeach.mock.calls[0][0]).toMatch(
|
||||
/unset-all.*insteadOf/
|
||||
)
|
||||
}
|
||||
)
|
||||
|
||||
const configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeyNotSet =
|
||||
'configureSubmoduleAuth configures submodules when persist credentials true and SSH key not set'
|
||||
it(
|
||||
configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeyNotSet,
|
||||
async () => {
|
||||
// Arrange
|
||||
await setup(
|
||||
configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeyNotSet
|
||||
)
|
||||
settings.sshKey = ''
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
@ -465,21 +525,21 @@ describe('git-auth-helper tests', () => {
|
||||
}
|
||||
)
|
||||
|
||||
const configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeySet =
|
||||
'configureSubmoduleAuth configures token when persist credentials true and SSH key set'
|
||||
const configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeySet =
|
||||
'configureSubmoduleAuth configures submodules when persist credentials true and SSH key set'
|
||||
it(
|
||||
configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeySet,
|
||||
configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeySet,
|
||||
async () => {
|
||||
if (!sshPath) {
|
||||
process.stdout.write(
|
||||
`Skipped test "${configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeySet}". Executable 'ssh' not found in the PATH.\n`
|
||||
`Skipped test "${configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeySet}". Executable 'ssh' not found in the PATH.\n`
|
||||
)
|
||||
return
|
||||
}
|
||||
|
||||
// Arrange
|
||||
await setup(
|
||||
configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeySet
|
||||
configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeySet
|
||||
)
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
await authHelper.configureAuth()
|
||||
@ -490,96 +550,12 @@ describe('git-auth-helper tests', () => {
|
||||
await authHelper.configureSubmoduleAuth()
|
||||
|
||||
// Assert
|
||||
expect(mockSubmoduleForeach).toHaveBeenCalledTimes(2)
|
||||
expect(mockSubmoduleForeach).toHaveBeenCalledTimes(3)
|
||||
expect(mockSubmoduleForeach.mock.calls[0][0]).toMatch(
|
||||
/unset-all.*insteadOf/
|
||||
)
|
||||
expect(mockSubmoduleForeach.mock.calls[1][0]).toMatch(/http.*extraheader/)
|
||||
}
|
||||
)
|
||||
|
||||
const configureSubmoduleAuth_doesNotConfigureTokenWhenPersistCredentialsFalse =
|
||||
'configureSubmoduleAuth does not configure token when persist credentials false'
|
||||
it(
|
||||
configureSubmoduleAuth_doesNotConfigureTokenWhenPersistCredentialsFalse,
|
||||
async () => {
|
||||
// Arrange
|
||||
await setup(
|
||||
configureSubmoduleAuth_doesNotConfigureTokenWhenPersistCredentialsFalse
|
||||
)
|
||||
settings.persistCredentials = false
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
await authHelper.configureAuth()
|
||||
const mockSubmoduleForeach = git.submoduleForeach as jest.Mock<any, any>
|
||||
mockSubmoduleForeach.mockClear() // reset calls
|
||||
|
||||
// Act
|
||||
await authHelper.configureSubmoduleAuth()
|
||||
|
||||
// Assert
|
||||
expect(mockSubmoduleForeach).toBeCalledTimes(1)
|
||||
expect(mockSubmoduleForeach.mock.calls[0][0] as string).toMatch(
|
||||
/unset-all.*insteadOf/
|
||||
)
|
||||
}
|
||||
)
|
||||
|
||||
const configureSubmoduleAuth_doesNotConfigureUrlInsteadOfWhenPersistCredentialsTrueAndSshKeySet =
|
||||
'configureSubmoduleAuth does not configure URL insteadOf when persist credentials true and SSH key set'
|
||||
it(
|
||||
configureSubmoduleAuth_doesNotConfigureUrlInsteadOfWhenPersistCredentialsTrueAndSshKeySet,
|
||||
async () => {
|
||||
if (!sshPath) {
|
||||
process.stdout.write(
|
||||
`Skipped test "${configureSubmoduleAuth_doesNotConfigureUrlInsteadOfWhenPersistCredentialsTrueAndSshKeySet}". Executable 'ssh' not found in the PATH.\n`
|
||||
)
|
||||
return
|
||||
}
|
||||
|
||||
// Arrange
|
||||
await setup(
|
||||
configureSubmoduleAuth_doesNotConfigureUrlInsteadOfWhenPersistCredentialsTrueAndSshKeySet
|
||||
)
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
await authHelper.configureAuth()
|
||||
const mockSubmoduleForeach = git.submoduleForeach as jest.Mock<any, any>
|
||||
mockSubmoduleForeach.mockClear() // reset calls
|
||||
|
||||
// Act
|
||||
await authHelper.configureSubmoduleAuth()
|
||||
|
||||
// Assert
|
||||
expect(mockSubmoduleForeach).toHaveBeenCalledTimes(2)
|
||||
expect(mockSubmoduleForeach.mock.calls[0][0]).toMatch(
|
||||
/unset-all.*insteadOf/
|
||||
)
|
||||
expect(mockSubmoduleForeach.mock.calls[1][0]).toMatch(/http.*extraheader/)
|
||||
}
|
||||
)
|
||||
|
||||
const configureSubmoduleAuth_removesUrlInsteadOfWhenPersistCredentialsFalse =
|
||||
'configureSubmoduleAuth removes URL insteadOf when persist credentials false'
|
||||
it(
|
||||
configureSubmoduleAuth_removesUrlInsteadOfWhenPersistCredentialsFalse,
|
||||
async () => {
|
||||
// Arrange
|
||||
await setup(
|
||||
configureSubmoduleAuth_removesUrlInsteadOfWhenPersistCredentialsFalse
|
||||
)
|
||||
settings.persistCredentials = false
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
await authHelper.configureAuth()
|
||||
const mockSubmoduleForeach = git.submoduleForeach as jest.Mock<any, any>
|
||||
mockSubmoduleForeach.mockClear() // reset calls
|
||||
|
||||
// Act
|
||||
await authHelper.configureSubmoduleAuth()
|
||||
|
||||
// Assert
|
||||
expect(mockSubmoduleForeach).toBeCalledTimes(1)
|
||||
expect(mockSubmoduleForeach.mock.calls[0][0] as string).toMatch(
|
||||
/unset-all.*insteadOf/
|
||||
)
|
||||
expect(mockSubmoduleForeach.mock.calls[2][0]).toMatch(/core\.sshCommand/)
|
||||
}
|
||||
)
|
||||
|
||||
|
19
dist/index.js
vendored
19
dist/index.js
vendored
@ -5122,6 +5122,7 @@ class GitAuthHelper {
|
||||
this.tokenConfigKey = `http.https://${HOSTNAME}/.extraheader`;
|
||||
this.insteadOfKey = `url.https://${HOSTNAME}/.insteadOf`;
|
||||
this.insteadOfValue = `git@${HOSTNAME}:`;
|
||||
this.sshCommand = '';
|
||||
this.sshKeyPath = '';
|
||||
this.sshKnownHostsPath = '';
|
||||
this.temporaryHomePath = '';
|
||||
@ -5205,8 +5206,12 @@ class GitAuthHelper {
|
||||
core.debug(`Replacing token placeholder in '${configPath}'`);
|
||||
this.replaceTokenPlaceholder(configPath);
|
||||
}
|
||||
if (this.settings.sshKey) {
|
||||
// Configure core.sshCommand
|
||||
yield this.git.submoduleForeach(`git config --local '${SSH_COMMAND_KEY}' '${this.sshCommand}'`, this.settings.nestedSubmodules);
|
||||
}
|
||||
else {
|
||||
// Configure HTTPS instead of SSH
|
||||
if (!this.settings.sshKey) {
|
||||
yield this.git.submoduleForeach(`git config --local '${this.insteadOfKey}' '${this.insteadOfValue}'`, this.settings.nestedSubmodules);
|
||||
}
|
||||
}
|
||||
@ -5268,16 +5273,16 @@ class GitAuthHelper {
|
||||
yield fs.promises.writeFile(this.sshKnownHostsPath, knownHosts);
|
||||
// Configure GIT_SSH_COMMAND
|
||||
const sshPath = yield io.which('ssh', true);
|
||||
let sshCommand = `"${sshPath}" -i "$RUNNER_TEMP/${path.basename(this.sshKeyPath)}"`;
|
||||
this.sshCommand = `"${sshPath}" -i "$RUNNER_TEMP/${path.basename(this.sshKeyPath)}"`;
|
||||
if (this.settings.sshStrict) {
|
||||
sshCommand += ' -o StrictHostKeyChecking=yes -o CheckHostIP=no';
|
||||
this.sshCommand += ' -o StrictHostKeyChecking=yes -o CheckHostIP=no';
|
||||
}
|
||||
sshCommand += ` -o "UserKnownHostsFile=$RUNNER_TEMP/${path.basename(this.sshKnownHostsPath)}"`;
|
||||
core.info(`Temporarily overriding GIT_SSH_COMMAND=${sshCommand}`);
|
||||
this.git.setEnvironmentVariable('GIT_SSH_COMMAND', sshCommand);
|
||||
this.sshCommand += ` -o "UserKnownHostsFile=$RUNNER_TEMP/${path.basename(this.sshKnownHostsPath)}"`;
|
||||
core.info(`Temporarily overriding GIT_SSH_COMMAND=${this.sshCommand}`);
|
||||
this.git.setEnvironmentVariable('GIT_SSH_COMMAND', this.sshCommand);
|
||||
// Configure core.sshCommand
|
||||
if (this.settings.persistCredentials) {
|
||||
yield this.git.config(SSH_COMMAND_KEY, sshCommand);
|
||||
yield this.git.config(SSH_COMMAND_KEY, this.sshCommand);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
@ -37,6 +37,7 @@ class GitAuthHelper {
|
||||
private readonly tokenPlaceholderConfigValue: string
|
||||
private readonly insteadOfKey: string = `url.https://${HOSTNAME}/.insteadOf`
|
||||
private readonly insteadOfValue: string = `git@${HOSTNAME}:`
|
||||
private sshCommand = ''
|
||||
private sshKeyPath = ''
|
||||
private sshKnownHostsPath = ''
|
||||
private temporaryHomePath = ''
|
||||
@ -144,8 +145,14 @@ class GitAuthHelper {
|
||||
this.replaceTokenPlaceholder(configPath)
|
||||
}
|
||||
|
||||
if (this.settings.sshKey) {
|
||||
// Configure core.sshCommand
|
||||
await this.git.submoduleForeach(
|
||||
`git config --local '${SSH_COMMAND_KEY}' '${this.sshCommand}'`,
|
||||
this.settings.nestedSubmodules
|
||||
)
|
||||
} else {
|
||||
// Configure HTTPS instead of SSH
|
||||
if (!this.settings.sshKey) {
|
||||
await this.git.submoduleForeach(
|
||||
`git config --local '${this.insteadOfKey}' '${this.insteadOfValue}'`,
|
||||
this.settings.nestedSubmodules
|
||||
@ -218,21 +225,21 @@ class GitAuthHelper {
|
||||
|
||||
// Configure GIT_SSH_COMMAND
|
||||
const sshPath = await io.which('ssh', true)
|
||||
let sshCommand = `"${sshPath}" -i "$RUNNER_TEMP/${path.basename(
|
||||
this.sshCommand = `"${sshPath}" -i "$RUNNER_TEMP/${path.basename(
|
||||
this.sshKeyPath
|
||||
)}"`
|
||||
if (this.settings.sshStrict) {
|
||||
sshCommand += ' -o StrictHostKeyChecking=yes -o CheckHostIP=no'
|
||||
this.sshCommand += ' -o StrictHostKeyChecking=yes -o CheckHostIP=no'
|
||||
}
|
||||
sshCommand += ` -o "UserKnownHostsFile=$RUNNER_TEMP/${path.basename(
|
||||
this.sshCommand += ` -o "UserKnownHostsFile=$RUNNER_TEMP/${path.basename(
|
||||
this.sshKnownHostsPath
|
||||
)}"`
|
||||
core.info(`Temporarily overriding GIT_SSH_COMMAND=${sshCommand}`)
|
||||
this.git.setEnvironmentVariable('GIT_SSH_COMMAND', sshCommand)
|
||||
core.info(`Temporarily overriding GIT_SSH_COMMAND=${this.sshCommand}`)
|
||||
this.git.setEnvironmentVariable('GIT_SSH_COMMAND', this.sshCommand)
|
||||
|
||||
// Configure core.sshCommand
|
||||
if (this.settings.persistCredentials) {
|
||||
await this.git.config(SSH_COMMAND_KEY, sshCommand)
|
||||
await this.git.config(SSH_COMMAND_KEY, this.sshCommand)
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user