JohnHammond
/
buildkit
mirror of https://github.com/JohnHammond/buildkit.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

git: set token only for main remote access 

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
(cherry picked from commit 5bf64293f8)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
v0.8
Tonis Tiigi 2021-02-19 00:22:02 -08:00 committed by Sebastiaan van Stijn
parent 3da6befd7f
commit 99bc88e139
No known key found for this signature in database
GPG Key ID: 76698F39D527CE8C
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
source/git/gitsource.go
View File

@ -231,7 +231,7 @@ func (gs *gitSourceHandler) getAuthToken(ctx context.Context, g session.Group) e
if s.token { if s.token {
dt = []byte("basic " + base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("x-access-token:%s", dt)))) dt = []byte("basic " + base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("x-access-token:%s", dt))))
} }
gs.auth = []string{"-c", "http.extraheader=Authorization: " + string(dt)} gs.auth = []string{"-c", "http." + tokenScope(gs.src.Remote) + ".extraheader=Authorization: " + string(dt)}
break break
} }
return nil return nil
@ -631,3 +631,14 @@ func argsNoDepth(args []string) []string {
} }
return out return out
} }
func tokenScope(remote string) string {
// generally we can only use the token for fetching main remote but in case of github.com we do best effort
// to try reuse same token for all github.com remotes. This is the same behavior actions/checkout uses
for _, pfx := range []string{"https://github.com/", "https://www.github.com/"} {
if strings.HasPrefix(remote, pfx) {
return pfx
}
}
return remote
}