read extraheader from .git #2314
Conversation
Signed-off-by: Marcel <marcel@mahillmann.de>
Signed-off-by: Marcel <marcel@mahillmann.de>
Signed-off-by: Marcel <marcel@mahillmann.de>
Signed-off-by: Marcel <marcel@mahillmann.de>
Signed-off-by: Marcel <marcel@mahillmann.de>
|
Sorry I have no clue, why the cucumber test case is broken |
Signed-off-by: Marcel <marcel@mahillmann.de>
There was a problem hiding this comment.
Hi, this is an interesting feature. I'd like to enable you using hub with your Enterprise instance, but I wouldn't add this in this format yet, not until we clean up the code a bit and make some decisions about how hub.useragent is configured (I'd like to avoid keeping this in git config). If you're willing, let's iterate on this for now—I've added some thoughts below
github/client.go
Outdated
| if userAgent := os.Getenv("HUB_USERAGENT"); userAgent != "" { | ||
| UserAgent = userAgent | ||
| } else if userAgent, err := git.Config("hub.useragent"); err == nil { | ||
| UserAgent = userAgent |
There was a problem hiding this comment.
Does your Enterprise instance also require setting a custom user agent string?
There was a problem hiding this comment.
Hi,
our vhost is comparing the user-agent header, and accapt only "git/......".
I have verified it, a second ago.
github/client.go
Outdated
| @@ -970,6 +985,29 @@ func (client *Client) apiClient() *simpleClient { | |||
| return &simpleClient{ | |||
| httpClient: httpClient, | |||
| rootUrl: apiRoot, | |||
| extraHeader: func(r *http.Header) { | |||
| if headers, err := git.ConfigAll(fmt.Sprintf("http.%s://%s.extraheader", client.Host.Protocol, client.Host.Host)); err == nil { | |||
There was a problem hiding this comment.
I'm wondering whether it would be better to design this feature so that extraHeader is configured from the "outside" (being passed the list of extra headers), rather than making git requests here. I want to avoid the HTTP client being unnecessarily coupled to git config.
There was a problem hiding this comment.
We have utility, to handel the process with KeyCloack as IDP.
This tool is writing the git/extraHeader for the git cli workflow.
I could refactor this function, that it is call once and only the "r" manipulation is running
github/client.go
Outdated
|
|
||
| if len(cookies) > 0 && httpClient.Jar == nil { | ||
| httpClient.Jar, _ = cookiejar.New(&cookiejar.Options{PublicSuffixList: publicsuffix.List}) | ||
| httpClient.Jar.SetCookies(url, cookies) |
There was a problem hiding this comment.
Is keeping a cookie jar really necessary for API requests to your Enterprise instance?
There was a problem hiding this comment.
The dataflow is:
- Nginx
- 302: redirect to KeyCloack
KeyCloack is forwarding to internal server with SessionID and traceIds - Client is requesting again the GHE behind Nginx
- Nginx is passing to GHE
So there are 2 or 3 round trips with a bunch of cookies
# Conflicts: # github/client.go
Signed-off-by: Marcel <marcel@mahillmann.de>
Signed-off-by: Marcel <marcel@mahillmann.de>
Signed-off-by: Marcel <marcel@mahillmann.de>
Signed-off-by: Marcel <marcel@mahillmann.de>
Signed-off-by: Marcel <marcel@mahillmann.de>
Signed-off-by: Marcel <marcel@mahillmann.de>
Signed-off-by: Marcel <marcel@mahillmann.de>
As developer I like to use our Github Enterprise, which is protected by an keycloak.
We use a tool to set an cookie to the git cli an the hub has use the same cookie too.