Add support for ssh passphrases.
This commit is contained in:
Marcin Bilski
parent
6768e02d91
commit
c327898faa
@ -137,7 +137,8 @@ func main() {
|
||||
if len(kv) != 2 {
|
||||
log.Fatal("bad git path:", path)
|
||||
}
|
||||
options = append(options, api.GitWithEphemeralTags(kv[0], kv[1]))
|
||||
password := os.Getenv("SSH_PASSPHRASE")
|
||||
options = append(options, api.GitWithEphemeralTags(kv[0], kv[1], password))
|
||||
}
|
||||
|
||||
for _, path := range vcsPaths {
|
||||
|
||||
@ -74,9 +74,9 @@ func GitDir(dir string) Option { return func(api *api) { api.gitdir = dir } }
|
||||
// Git configures API to use a specific git client when trying to download a
|
||||
// repository with the given prefix. Auth string can be a path to the SSK key,
|
||||
// or a colon-separated username:password string.
|
||||
func Git(prefix string, auth string) Option {
|
||||
a := vcs.Key(auth)
|
||||
if creds := strings.SplitN(auth, ":", 2); len(creds) == 2 {
|
||||
func Git(prefix, key, password string) Option {
|
||||
a := vcs.Key(key, password)
|
||||
if creds := strings.SplitN(key, ":", 2); len(creds) == 2 {
|
||||
a = vcs.Password(creds[0], creds[1])
|
||||
}
|
||||
return func(api *api) {
|
||||
@ -92,12 +92,13 @@ func Git(prefix string, auth string) Option {
|
||||
// GitWithEphemeralTags configures API to use a specific git client when trying
|
||||
// to download a repository with the given prefix. Auth string can be a path to
|
||||
// the SSK key, or a colon-separated username:password string.
|
||||
func GitWithEphemeralTags(prefix string, auth string) Option {
|
||||
|
||||
func GitWithEphemeralTags(prefix, key, password string) Option {
|
||||
// TODO(bilus): Ugly but we don't want to mess with the : encoding so
|
||||
// we'll work around the issue of having to pass a passphrase
|
||||
// to decrypt a key.
|
||||
storage := vcs.NewEphemeralTagStorage()
|
||||
|
||||
a := vcs.Key(auth)
|
||||
if creds := strings.SplitN(auth, ":", 2); len(creds) == 2 {
|
||||
a := vcs.Key(key, password)
|
||||
if creds := strings.SplitN(key, ":", 2); len(creds) == 2 {
|
||||
a = vcs.Password(creds[0], creds[1])
|
||||
}
|
||||
return func(api *api) {
|
||||
|
||||
@ -324,7 +324,7 @@ func (g *gitVCS) commit(ctx context.Context, version Version) (*object.Commit, e
|
||||
|
||||
func (g *gitVCS) authMethod() (transport.AuthMethod, error) {
|
||||
if g.auth.Key != "" {
|
||||
return ssh.NewPublicKeysFromFile("git", g.auth.Key, "")
|
||||
return ssh.NewPublicKeysFromFile("git", g.auth.Key, g.auth.Password)
|
||||
} else if g.auth.Username != "" {
|
||||
return &http.BasicAuth{Username: g.auth.Username, Password: g.auth.Password}, nil
|
||||
}
|
||||
|
||||
@ -61,4 +61,4 @@ func NoAuth() Auth { return Auth{} }
|
||||
func Password(username, password string) Auth { return Auth{Username: username, Password: password} }
|
||||
|
||||
// Key returns an Auth implementation that uses key file authentication mechanism.
|
||||
func Key(key string) Auth { return Auth{Key: key} }
|
||||
func Key(key, password string) Auth { return Auth{Key: key, Password: password} }
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user