New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add additional git authentication rules #13477
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Needs also real test runs
Will do and report back |
Tested on a real repo with a private repo: renovate-support/feature-13477#2 However the next step will be to add it to python, where python can use private repos with |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some doubts on the url changes
We may need to defer this or use another solution. Some things I found out:
In essence there is currently no way for me to add this feature with the same replacement url I would therefore suggest to keep the |
I like your idea of the workaround, and isn't it still superior to what we have now anyway? |
Yes, it would still be an improvement, my plan is the following:
|
Refactored the code according to the plan mentioned above:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, but we should validate this with real tests against major platforms.
@zharinov Any hints for best testing this?
needs deconflicting |
I know almost nothing about this particular subject 🤔🤷♂️ |
@viceice We can test this once we implement this in python. Poetry supports git@ syntax as well, which this is the base for. If required, I can combine the two PRs into this one |
I think I'm OK to merge this as it appears backwards-compatible. Worst case it might makes some artifacts updating fail, but that's still a "soft" fail which should also be easily detectable. |
🎉 This PR is included in version 31.67.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
Changes:
Add additional git authentication rules to the git environment.
Context:
We should support all common ways on how to fetch a repository.
This includes
https
andssh
.When this is implemented it should solve some problems with docker sidecars not being able to fetch repositories because of missing private keys or missing tokens.
This makes it obsolete for bot users to somehow fiddle a ssh key into the side car containers.
Taken from:
https://coolaj86.com/articles/vanilla-devops-git-credentials-cheatsheet/
Documentation (please check one with an [x])
How I've tested my work (please tick one)
I have verified these changes via: