Add M1.

Add support for ssh passphrases.
Fix tagging failing with 400 while no remote tags yet.
2022-01-14 15:38:10 +01:00 · 2022-01-14 12:35:20 +01:00 · 2022-01-12 12:44:09 +01:00
6 changed files with 58 additions and 35 deletions
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -12,13 +12,19 @@ builds:
    goos:
      - linux
      - darwin
    goarch:
      - arm64
      - amd64
      - 386
    main: ./cmd/gomodproxy/main.go
 archives:
  - replacements:
      darwin: Darwin
      linux: Linux
      windows: Windows
      386: i386
      amd64: x86_64
      arm64: Arm64
 checksum:
  name_template: 'checksums.txt'
 snapshot:
--- a/cmd/gomodproxy/main.go
+++ b/cmd/gomodproxy/main.go
@@ -137,7 +137,8 @@ func main() {
 		if len(kv) != 2 {
 			log.Fatal("bad git path:", path)
 		}
-		options = append(options, api.GitWithEphemeralTags(kv[0], kv[1]))
+		password := os.Getenv("SSH_PASSPHRASE")
 		options = append(options, api.GitWithEphemeralTags(kv[0], kv[1], password))
 	}
 	for _, path := range vcsPaths {
--- a/pkg/api/api.go
+++ b/pkg/api/api.go
@@ -74,9 +74,9 @@ func GitDir(dir string) Option { return func(api *api) { api.gitdir = dir } }
 // Git configures API to use a specific git client when trying to download a
 // repository with the given prefix. Auth string can be a path to the SSK key,
 // or a colon-separated username:password string.
-func Git(prefix string, auth string) Option {
+func Git(prefix, key, password string) Option {
-	a := vcs.Key(auth)
+	a := vcs.Key(key, password)
-	if creds := strings.SplitN(auth, ":", 2); len(creds) == 2 {
+	if creds := strings.SplitN(key, ":", 2); len(creds) == 2 {
 		a = vcs.Password(creds[0], creds[1])
 	}
 	return func(api *api) {
@@ -92,12 +92,13 @@ func Git(prefix string, auth string) Option {
 // GitWithEphemeralTags configures API to use a specific git client when trying
 // to download a repository with the given prefix. Auth string can be a path to
 // the SSK key, or a colon-separated username:password string.
-func GitWithEphemeralTags(prefix string, auth string) Option {
+func GitWithEphemeralTags(prefix, key, password string) Option {
-
+	// TODO(bilus): Ugly but we don't want to mess with the : encoding so
 	// we'll work around the issue of having to pass a passphrase
 	// to decrypt a key.
 	storage := vcs.NewEphemeralTagStorage()
-
+	a := vcs.Key(key, password)
-	a := vcs.Key(auth)
+	if creds := strings.SplitN(key, ":", 2); len(creds) == 2 {
 	if creds := strings.SplitN(auth, ":", 2); len(creds) == 2 {
 		a = vcs.Password(creds[0], creds[1])
 	}
 	return func(api *api) {
--- a/pkg/vcs/git.go
+++ b/pkg/vcs/git.go
@@ -34,6 +34,8 @@ type gitVCS struct {
 	auth   Auth
 }
 var ErrNoMatchingVersion = errors.New("no matching versions")
 // NewGit return a go-git VCS client implementation that provides information
 // about the specific module using the pgiven authentication mechanism.
 func NewGit(l logger, dir string, module string, auth Auth) VCS {
@@ -61,9 +63,8 @@ func (g *gitVCS) List(ctx context.Context) ([]Version, error) {
 	if err != nil {
 		return nil, err
 	}
 	list := []Version{}
-	var masterHash plumbing.Hash
+	masterHash := ""
 	tagPrefix := ""
 	if g.prefix != "" {
 		tagPrefix = g.prefix + "/"
@@ -71,18 +72,24 @@ func (g *gitVCS) List(ctx context.Context) ([]Version, error) {
 	for _, ref := range refs {
 		name := ref.Name()
 		if name == plumbing.Master {
-			masterHash = ref.Hash()
+			masterHash = ref.Hash().String()
 		} else if name.IsTag() && strings.HasPrefix(name.String(), "refs/tags/"+tagPrefix+"v") {
 			list = append(list, Version(strings.TrimPrefix(name.String(), "refs/tags/"+tagPrefix)))
 		}
 	}
 	if len(list) == 0 {
-		if masterHash.IsZero() {
+		if masterHash == "" {
 			return nil, errors.New("no tags and no master branch found")
 		}
-		masterCommit, err := repo.CommitObject(masterHash)
+		short := masterHash[:12]
 		version, err := g.versionFromHash(ctx, short)
 		if err != nil {
 			return nil, err
 		}
 		masterCommit, err := g.commit(ctx, version)
 		if err != nil {
 			return nil, err
 		}
@@ -92,23 +99,27 @@ func (g *gitVCS) List(ctx context.Context) ([]Version, error) {
 			return nil, err
 		}
 		// No tags while it's a module.
 		if g.isModule(tree) {
-			return nil, errors.New("no matching versions")
+			return nil, ErrNoMatchingVersion
 		}
-		hashStr := masterHash.String()
+		list = []Version{version}
 		short := hashStr[:12]
 		t, err := g.Timestamp(ctx, Version("v0.0.0-20060102150405-"+short))
 		if err != nil {
 			return nil, err
 		}
 		list = []Version{Version(fmt.Sprintf("v0.0.0-%s-%s", t.Format("20060102150405"), short))}
 	}
 	g.log("gitVCS.List", "module", g.module, "list", list)
 	return list, nil
 }
 func (g *gitVCS) versionFromHash(ctx context.Context, hash string) (Version, error) {
 	t, err := g.Timestamp(ctx, Version("v0.0.0-20060102150405-"+hash))
 	if err != nil {
 		return Version(""), err
 	}
 	v := Version(fmt.Sprintf("v0.0.0-%s-%s", t.Format("20060102150405"), hash))
 	return v, nil
 }
 func (g *gitVCS) isModule(tree *object.Tree) bool {
 	mod := "go.mod"
 	for path := g.prefix; path != "."; path = filepath.Dir(path) {
@@ -313,7 +324,7 @@ func (g *gitVCS) commit(ctx context.Context, version Version) (*object.Commit, e
 func (g *gitVCS) authMethod() (transport.AuthMethod, error) {
 	if g.auth.Key != "" {
-		return ssh.NewPublicKeysFromFile("git", g.auth.Key, "")
+		return ssh.NewPublicKeysFromFile("git", g.auth.Key, g.auth.Password)
 	} else if g.auth.Username != "" {
 		return &http.BasicAuth{Username: g.auth.Username, Password: g.auth.Password}, nil
 	}
--- a/pkg/vcs/tags.go
+++ b/pkg/vcs/tags.go
@@ -62,8 +62,20 @@ func NewGitWithEphemeralTags(l logger, dir string, module string, auth Auth, sto
 	}
 }
-func (v *taggableVCS) Tag(ctx context.Context, semVer Version, short string) error {
+func (v *taggableVCS) safeList(ctx context.Context) ([]Version, error) {
 	remoteVersions, err := v.wrapped.List(ctx)
 	if err != nil {
 		// Ignore this error, we can still count on ephemeral tags.
 		if err != ErrNoMatchingVersion {
 			return nil, err
 		}
 		v.wrapped.log("No remote version tags yet:", err)
 	}
 	return remoteVersions, nil
 }
 func (v *taggableVCS) Tag(ctx context.Context, semVer Version, short string) error {
 	remoteVersions, err := v.safeList(ctx)
 	if err != nil {
 		return err
 	}
@@ -74,11 +86,10 @@ func (v *taggableVCS) Tag(ctx context.Context, semVer Version, short string) err
 }
 func (v *taggableVCS) List(ctx context.Context) ([]Version, error) {
-	remoteVersions, err := v.wrapped.List(ctx)
+	remoteVersions, err := v.safeList(ctx)
 	if err != nil {
 		return nil, err
 	}
 	tags := v.storage.tags(v.module)
 	// Remote versions win.
 	return appendEphemeralVersion(remoteVersions, tags...), nil
@@ -124,14 +135,7 @@ func (v *taggableVCS) Zip(ctx context.Context, version Version) (io.ReadCloser,
 func (v *taggableVCS) resolveVersion(ctx context.Context, version Version) (Version, error) {
 	for _, tag := range v.storage.tags(v.module) {
 		if tag.semVer == version {
-			// TODO(bilus): Duplicated in git.go.
+			return v.wrapped.versionFromHash(ctx, tag.short)
 			t, err := v.wrapped.Timestamp(ctx, Version("v0.0.0-20060102150405-"+tag.short))
 			if err != nil {
 				return Version(""), err
 			}
 			version2 := Version(fmt.Sprintf("v0.0.0-%s-%s", t.Format("20060102150405"), tag.short))
 			return version2, nil
 		}
 	}
 	return version, nil
--- a/pkg/vcs/vcs.go
+++ b/pkg/vcs/vcs.go
@@ -61,4 +61,4 @@ func NoAuth() Auth { return Auth{} }
 func Password(username, password string) Auth { return Auth{Username: username, Password: password} }
 // Key returns an Auth implementation that uses key file authentication mechanism.
-func Key(key string) Auth { return Auth{Key: key} }
+func Key(key, password string) Auth { return Auth{Key: key, Password: password} }
Author	SHA1	Message	Date
Marcin Bilski	68959a741a	Add M1.	2022-01-14 15:38:10 +01:00
Marcin Bilski	c327898faa	Add support for ssh passphrases.	2022-01-14 12:35:20 +01:00
Marcin Bilski	6768e02d91	Fix tagging failing with 400 while no remote tags yet.	2022-01-12 12:44:09 +01:00