Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support authentification for private annotations repositories #963

Merged
merged 10 commits into from
Jun 14, 2022
Merged

Support authentification for private annotations repositories #963

merged 10 commits into from
Jun 14, 2022

Conversation

Morriar
Copy link
Collaborator

@Morriar Morriar commented Jun 3, 2022

Motivation

Allow users to import RBI annotations from private repositories. This is useful when using private gems for example.

Closes #962.

Implementation

Since we access the private repository files through http, the easiest way to go is to pass the Authentification header as well. This header can be provided by the user through the --auth option:

$ bin/tapioca annotations --sources https://raw.githubusercontent.com/$USER/$PRIVATE_REPO/$BRANCH --auth "token $TOKEN"

See the readme for more information.

Next step

Once we are able to provide the authentication (this PR), the next logical step will be to read this authentication from the netrc file.

Tests

See automated tests.

@Morriar Morriar added the enhancement New feature or request label Jun 3, 2022
@Morriar Morriar requested a review from a team June 3, 2022 17:56
@Morriar Morriar self-assigned this Jun 3, 2022
@Morriar Morriar mentioned this pull request Jun 3, 2022
Closed
@Morriar Morriar force-pushed the at-private-repos branch 2 times, most recently from 8e83761 to a02a98a Compare June 3, 2022 18:10
@Morriar
Add test for annotations using the default source over https
9ba3c8c 
Signed-off-by: Alexandre Terrasa <alexandre.terrasa@shopify.com>
@Morriar
Use HTTP.start instead of the shortcut get_response
93f81d4 
So we can pass headers later.

Signed-off-by: Alexandre Terrasa <alexandre.terrasa@shopify.com>
@Morriar
Allow recovering from a bad index
e18aa4d 
We need at least one index to work.
If a source is down, we show an error but we can still fetch annotations.

Signed-off-by: Alexandre Terrasa <alexandre.terrasa@shopify.com>
KaanOzkan
KaanOzkan approved these changes Jun 3, 2022
View reviewed changes
Copy link
Contributor

@KaanOzkan KaanOzkan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We aren't testing the auth option but I assume you manually tested it.

vinistock
vinistock approved these changes Jun 6, 2022
View reviewed changes
Copy link
Member

@vinistock vinistock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not blocking this PR, but on the same mindset as Kaan, I think we should add unit tests including authentication.

README.md Outdated Show resolved Hide resolved
@Morriar
Copy link
Collaborator Author

Morriar commented Jun 6, 2022

About the tests, I'm not sure what would be the best way to test with a private repo: we would need to create one just for tests, store the token somewhere in the Github action, find a way to pass it to contributors so they can test locally etc.

@KaanOzkan, @vinistock any idea?

@Morriar
Allow passing HTTP authorization to access private RBI repos
feb4b74 
Signed-off-by: Alexandre Terrasa <alexandre.terrasa@shopify.com>
@Morriar
Fix trailing whitespaces in README
27c4fd0 
Signed-off-by: Alexandre Terrasa <alexandre.terrasa@shopify.com>
@Morriar
Improve README for annotations command
36deab4 
Signed-off-by: Alexandre Terrasa <alexandre.terrasa@shopify.com>
@Morriar
Hide auth option from the full configuration file presented in the …
207ccf7 
…README

Signed-off-by: Alexandre Terrasa <alexandre.terrasa@shopify.com>
@Morriar Morriar force-pushed the at-private-repos branch 2 times, most recently from 0fa9c05 to 4b0aa3b Compare June 13, 2022 17:17
@Morriar
Add dependency to webmock
f57424f 
Signed-off-by: Alexandre Terrasa <alexandre.terrasa@shopify.com>
@Morriar
Do not eagerly fetch annotations index
28c493c 
This will make it easier to test the command itself.

Signed-off-by: Alexandre Terrasa <alexandre.terrasa@shopify.com>
@Morriar
Add tests for the annotations command
ad2edea 
Signed-off-by: Alexandre Terrasa <alexandre.terrasa@shopify.com>
@Morriar
Copy link
Collaborator Author

Morriar commented Jun 13, 2022

As discussed offline, I added a test using webmock to ensure the authorization header was passed properly 👍

@Morriar Morriar merged commit 0838f77 into main Jun 14, 2022
@Morriar Morriar deleted the at-private-repos branch June 14, 2022 17:48
@shopify-shipit shopify-shipit bot temporarily deployed to production July 7, 2022 17:53 Inactive
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@KaanOzkan KaanOzkan KaanOzkan approved these changes

@vinistock vinistock vinistock approved these changes

Assignees

@Morriar Morriar

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

annotations command should allow using private repository
3 participants
@Morriar @KaanOzkan @vinistock