From 12bed27f292aa2190d5d6f9d17b2b90abf59966a Mon Sep 17 00:00:00 2001 From: Tim Riedl Date: Fri, 5 Apr 2024 17:15:16 +0000 Subject: [PATCH] feat: add user auth via env --- modules/context/context.go | 45 ++++++++++++++++++++++++++++++++++++ modules/task/login_create.go | 24 ++++++++----------- modules/utils/validate.go | 34 +++++++++++++++++++++++++++ 3 files changed, 89 insertions(+), 14 deletions(-) create mode 100644 modules/utils/validate.go diff --git a/modules/context/context.go b/modules/context/context.go index 995ba25..c4d81b6 100644 --- a/modules/context/context.go +++ b/modules/context/context.go @@ -10,6 +10,7 @@ import ( "os" "path" "strings" + "time" "code.gitea.io/sdk/gitea" "code.gitea.io/tea/modules/config" @@ -125,6 +126,12 @@ func InitCommand(ctx *cli.Context) *TeaContext { c.RepoSlug = repoFlag } + // override config user with env variable + envLogin := GetLoginByEnvVar() + if envLogin != nil { + c.Login = envLogin + } + // override login from flag, or use default login if repo based detection failed if len(loginFlag) != 0 { c.Login = config.GetLoginByName(loginFlag) @@ -231,3 +238,41 @@ func contextFromLocalRepo(repoPath, remoteValue string) (*git.TeaRepo, *config.L return repo, nil, "", errNotAGiteaRepo } + +func GetLoginByEnvVar() *config.Login { + var token string + + giteaToken := os.Getenv("GITEA_TOKEN") + githubToken := os.Getenv("GH_TOKEN") + giteaInstanceUrl := os.Getenv("GITEA_INSTANCE_URL") + + // if no tokens are set, or no instance url for gitea fail fast + if len(giteaInstanceUrl) == 0 || (len(giteaToken) == 0 && len(githubToken) == 0) { + return nil + } + + token = giteaToken + if len(giteaToken) == 0 { + token = githubToken + } + + serverURL, err := utils.ValidateAuthenticationMethod(giteaInstanceUrl, token, "", "", false, "", "") + if err != nil { + fmt.Errorf("%v", err) + } + + login := &config.Login{ + Name: "TEMP_GITEA_AUTH", + URL: serverURL.String(), + Token: token, + Insecure: true, // TODO revalidate decision + SSHKey: "", + SSHCertPrincipal: "", + SSHKeyFingerprint: "", + SSHAgent: false, + Created: time.Now().Unix(), + VersionCheck: false, + } + + return login +} diff --git a/modules/task/login_create.go b/modules/task/login_create.go index 527a4d4..9a74b03 100644 --- a/modules/task/login_create.go +++ b/modules/task/login_create.go @@ -32,21 +32,17 @@ func CreateLogin(name, token, user, passwd, otp, scopes, sshKey, giteaURL, sshCe return fmt.Errorf("token already been used, delete login '%s' first", login.Name) } - if !sshAgent && sshCertPrincipal == "" && sshKey == "" { - // .. if we have enough information to authenticate - if len(token) == 0 && (len(user)+len(passwd)) == 0 { - return fmt.Errorf("No token set") - } else if len(user) != 0 && len(passwd) == 0 { - return fmt.Errorf("No password set") - } else if len(user) == 0 && len(passwd) != 0 { - return fmt.Errorf("No user set") - } - } - - // Normalize URL - serverURL, err := utils.NormalizeURL(giteaURL) + serverURL, err := utils.ValidateAuthenticationMethod( + giteaURL, + token, + user, + passwd, + sshAgent, + sshKey, + sshCertPrincipal, + ) if err != nil { - return fmt.Errorf("Unable to parse URL: %s", err) + return err } // check if it's a certificate the principal doesn't matter as the user diff --git a/modules/utils/validate.go b/modules/utils/validate.go new file mode 100644 index 0000000..2e9d913 --- /dev/null +++ b/modules/utils/validate.go @@ -0,0 +1,34 @@ +package utils + +import ( + "fmt" + "net/url" +) + +func ValidateAuthenticationMethod( + giteaURL string, + token string, + user string, + passwd string, + sshAgent bool, + sshKey string, + sshCertPrincipal string, +) (*url.URL, error) { + // Normalize URL + serverURL, err := NormalizeURL(giteaURL) + if err != nil { + return nil, fmt.Errorf("Unable to parse URL: %s", err) + } + + if !sshAgent && sshCertPrincipal == "" && sshKey == "" { + // .. if we have enough information to authenticate + if len(token) == 0 && (len(user)+len(passwd)) == 0 { + return nil, fmt.Errorf("No token set") + } else if len(user) != 0 && len(passwd) == 0 { + return nil, fmt.Errorf("No password set") + } else if len(user) == 0 && len(passwd) != 0 { + return nil, fmt.Errorf("No user set") + } + } + return serverURL, nil +}