From 6db861bdc5dae5d2f26537b5d2f368d244161909 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Richard=20Bukovansk=C3=BD?= Date: Thu, 14 Jun 2018 11:38:34 +0200 Subject: [PATCH 1/2] Add usage of client certificate for HTTPS communication --- api/gitlab-bash-api.sh | 19 +++++++++++++++---- .../my-secrets-configuration.sh | 5 +++++ 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/api/gitlab-bash-api.sh b/api/gitlab-bash-api.sh index 061da21..412db25 100644 --- a/api/gitlab-bash-api.sh +++ b/api/gitlab-bash-api.sh @@ -32,7 +32,7 @@ function gitlab_get_page { local curl_url="${GITLAB_URL_PREFIX}/api/${GITLAB_API_VERSION}/${api_url}?page=${page}&per_page=${PER_PAGE_MAX}&${api_params}" local curl_result - curl_result=$(curl --include --silent --header "PRIVATE-TOKEN: ${GITLAB_PRIVATE_TOKEN}" "${curl_url}") + curl_result=$(curl --include --silent --header "PRIVATE-TOKEN: ${GITLAB_PRIVATE_TOKEN}" "${curl_url}" ${client_certificate}) local curl_rc=$? if [ $curl_rc -ne 0 ]; then @@ -110,7 +110,7 @@ function gitlab_post { local curl_url="${GITLAB_URL_PREFIX}/api/${GITLAB_API_VERSION}/${api_url}?per_page=${PER_PAGE_MAX}&${api_params}" local curl_result - curl_result=$(curl --header "PRIVATE-TOKEN: ${GITLAB_PRIVATE_TOKEN}" -X POST --silent "${curl_url}") + curl_result=$(curl --header "PRIVATE-TOKEN: ${GITLAB_PRIVATE_TOKEN}" -X POST --silent "${curl_url}" ${client_certificate}) local curl_rc=$? if [ $curl_rc -ne 0 ]; then @@ -131,7 +131,7 @@ function gitlab_put { local curl_url="${GITLAB_URL_PREFIX}/api/${GITLAB_API_VERSION}/${api_url}?per_page=${PER_PAGE_MAX}&${api_params}" local curl_result - curl_result=$(curl --header "PRIVATE-TOKEN: ${GITLAB_PRIVATE_TOKEN}" -X PUT --silent "${curl_url}") + curl_result=$(curl --header "PRIVATE-TOKEN: ${GITLAB_PRIVATE_TOKEN}" -X PUT --silent "${curl_url}" ${client_certificate}) local curl_rc=$? if [ $curl_rc -ne 0 ]; then @@ -152,7 +152,7 @@ function gitlab_delete { local curl_url="${GITLAB_URL_PREFIX}/api/${GITLAB_API_VERSION}/${api_url}?per_page=${PER_PAGE_MAX}&${api_params}" local curl_result - curl_result=$(curl --header "PRIVATE-TOKEN: ${GITLAB_PRIVATE_TOKEN}" -X DELETE --silent "${curl_url}") + curl_result=$(curl --header "PRIVATE-TOKEN: ${GITLAB_PRIVATE_TOKEN}" -X DELETE --silent "${curl_url}" ${client_certificate}) local curl_rc=$? if [ $curl_rc -ne 0 ]; then @@ -398,3 +398,14 @@ if [ -z "${PER_PAGE_MAX}" ]; then # Max value for GitLab is 100 PER_PAGE_MAX=50 fi + +#prepare client_certificate part of CURL +if [ -n ${GITLAB_CLIENT_CERTIFICATE} ]; then + client_certificate=" --cert ${GITLAB_CLIENT_CERTIFICATE}" + if [ ! -n ${GITLAB_CLIENT_CERTIFICATE_PASSWORD} ]; then + client_certificate+=":${GITLAB_CLIENT_CERTIFICATE_PASSWORD}" + fi + client_certificate+=" --key ${GITLAB_PRIVATE_KEY}" +else + client_certificate="" +fi diff --git a/custom-config-sample/my-secrets-configuration.sh b/custom-config-sample/my-secrets-configuration.sh index 85cb98d..2c404dd 100644 --- a/custom-config-sample/my-secrets-configuration.sh +++ b/custom-config-sample/my-secrets-configuration.sh @@ -11,3 +11,8 @@ GITLAB_PRIVATE_TOKEN=__YOUR_GITLAB_TOKEN_HERE__ #GITLAB_USER=__YOUR_GIT_USER__ #GITLAB_PASSWORD=$(url_encode '__YOUR_GIT_USER_PASSWORD__') #GITLAB_CLONE_HTTP_PREFIX="https://${GITLAB_USER}:${GITLAB_PASSWORD}@${GITLAB_URL_PREFIX#"https://"}" + +# If client certificate is needed for HTTPS communication with GitLab server +#GITLAB_CLIENT_CERTIFICATE=__PATH_TO_YOUR_CLIENT_CERTIFICATE__ +#GITLAB_CLIENT_CERTIFICATE_PASSWORD=__PASSWORD_FOR_YOUR_CLIENT_CERTIFICATE__ +#GITLAB_PRIVATE_KEY=__PATH_TO_YOUR_PRIVATE_KEY__ From b4a07ef7fbb7a05c12f541a4d8eda79b9aaa63af Mon Sep 17 00:00:00 2001 From: Richard Bukovansky Date: Thu, 26 Jul 2018 15:45:28 +0200 Subject: [PATCH 2/2] Safer way of getting LF and CR --- api/gitlab-bash-api.sh | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/api/gitlab-bash-api.sh b/api/gitlab-bash-api.sh index 412db25..4982cdf 100644 --- a/api/gitlab-bash-api.sh +++ b/api/gitlab-bash-api.sh @@ -10,14 +10,12 @@ # # Last version is available on GitHub: https://github.com/cClaude/gitlab-bash-api # -declare LF -LF=" -" -declare -r LF - -declare CR -CR="$(echo -e "\r")" -declare -r CR +chr() { + printf \\$(printf '%03o' $1) +} + +declare -r LF=$(chr "10") +declare -r CR=$(chr "13") NEXT_PAGE='*'