Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(repo): Add bearer authentication method for support various git hosting platform #7571

Open
wants to merge 4 commits into
base: main
Choose a base branch
from

Conversation

bunseokbot
Copy link

Description

This PR adds support for the bearer authentication method while pull git repository.

Related issues

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've followed the conventions in the PR title.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).
  • I've added usage information (if the PR introduces new options)
  • I've included a "before" and "after" example to the description (if the PR is a user interface change).

@bunseokbot bunseokbot changed the title feat(repo): Add bearer authentication method while using difference g… feat(repo): Add bearer authentication method for support various git hosting platform Sep 22, 2024
@knqyf263
Copy link
Collaborator

In #6833, it looks like the user wants to add support for Bitbucket. What if just adding BITBUCKET_TOKEN?

// Define a slice of token sources
tokenSources := []struct {
	envVar string
	name   string
}{
	{"GITHUB_TOKEN", "GitHub"},
	{"GITLAB_TOKEN", "GitLab"},
	{"BITBUCKET_TOKEN", "Bitbucket"},
}

// Iterate through token sources
for _, source := range tokenSources {
	token := os.Getenv(source.envVar)
	if token != "" {
		auth = &http.BasicAuth{
			Username: gitUsername,
			Password: token,
		}
		log.Printf("Found token for authentication", log.String("source", source.name))
		return auth
	}
}

@bunseokbot
Copy link
Author

In #6833, it looks like the user wants to add support for Bitbucket. What if just adding BITBUCKET_TOKEN?

// Define a slice of token sources
tokenSources := []struct {
	envVar string
	name   string
}{
	{"GITHUB_TOKEN", "GitHub"},
	{"GITLAB_TOKEN", "GitLab"},
	{"BITBUCKET_TOKEN", "Bitbucket"},
}

// Iterate through token sources
for _, source := range tokenSources {
	token := os.Getenv(source.envVar)
	if token != "" {
		auth = &http.BasicAuth{
			Username: gitUsername,
			Password: token,
		}
		log.Printf("Found token for authentication", log.String("source", source.name))
		return auth
	}
}

When I initially submitted the PR, I focused only on bearer authentication for Bitbucket, which is why I implemented it that way.

According to the official document, adding only BITBUCKET_TOKEN works fine.

Additionally, it seems we cannot use a fixed git username when user use AWS CodeCommit repository. Should I create a separate discussion to address this or add commit to review?

@knqyf263
Copy link
Collaborator

According to the official document, adding only BITBUCKET_TOKEN works fine.

Thanks for sharing the doc. Doesn't Bitbucket accept basic authentication with a bearer token? Did you see if the current implementation worked with Bitbucket?

For project or repository tokens, you must only use Bearer Auth without the username:

@bunseokbot
Copy link
Author

I think I might have missed some parts of the test. After reproducing the environment again, I confirmed that specifying the username is necessary. I’m not sure if my approach is 100% correct, but I made to allow specifying the username by GIT_USERNAME.

I planned to split the implementation into tokenauth and basicauth as before.
However, some services like AWS CodeCommit do not provide bearer authentication at all.

@teixeira-fernando
Copy link

I would also love to have support for bitbucket repositories. Is there any update regarding it?

@bunseokbot
Copy link
Author

@knqyf263 Is there any additional feedback or thoughts on this PR?

@DmitriyLewen
Copy link
Contributor

Hello @bunseokbot @teixeira-fernando

Hi, We have been busy with other more important issues lately.
Please be patient, we will try to get back to all PR as soon as possible.

@knqyf263
Copy link
Collaborator

It looks like the repository access token can be used with the fixed user name x-token-auth.
https://support.atlassian.com/bitbucket-cloud/docs/using-access-tokens/

@bunseokbot
Copy link
Author

It seems that using x-token-auth for the username is only valid in the Bitbucket Cloud version. (https://confluence.atlassian.com/bitbucketserver/clone-a-repository-790632786.html)

In the Bitbucket Data Center version, only username is specified, so I configured it to retrieve the username value using the GIT_USERNAME environment variable.

In the same way, if the user is using the Bitbucket Cloud version, it seems possible to resolve this by setting 'x-token-auth' in the GIT_USERNAME environment variable.

@knqyf263
Copy link
Collaborator

Then, it's better to add a new CLI flag rather than the env.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

feat: add flag to pass credentials to different Git hosting platforms
4 participants