feat(artifacts/gitRepo): support SSH auth #4052
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ethanfrogers
force-pushed
the
git-repo-ssh-support
branch
3 times, most recently
from
44ea60b
to
c81daa0
Compare
ezimanyi
approved these changes
Sep 26, 2019
| authType = AuthType.HTTP; | ||
| } else if (!StringUtils.isEmpty(token)) { | ||
| authType = AuthType.TOKEN; | ||
| } else if (!StringUtils.isEmpty(sshPrivateKeyFilePath) |
There was a problem hiding this comment.
Would we want to support the case where users have an SSH key without a passphrase?
There was a problem hiding this comment.
Possibly? I copied all of this logic from the App Engine logic so I assume most cases have been accounted for since it's been around longer. If cases like this come up I don't see why we couldn't just relax this condition in a patch.
| new JschConfigSessionFactory() { | ||
| @Override | ||
| protected void configure(OpenSshConfig.Host hc, Session session) { | ||
| if (sshKnownHostsFilePath == null && sshTrustUnknownHosts) { |
There was a problem hiding this comment.
Is there a use case for trusting unknown hosts even if you provide a known hosts file?
| defaultJSch.addIdentity(sshPrivateKeyFilePath, sshPrivateKeyPassphrase); | ||
|
|
||
| if (sshKnownHostsFilePath != null && sshTrustUnknownHosts) { | ||
| log.warn( |
There was a problem hiding this comment.
It feels like this warning could be closer to where we actually ignore the value of sshTrustUnknownHosts (ie, in confgure). (Or maybe that gets called too often to log...)
ethanfrogers
force-pushed
the
git-repo-ssh-support
branch
from
c81daa0
to
0165cc7
Compare
add support for ssh as an alternative authentication mechanisim
improve UX around errors for authentication. if the accounts authentication type doesn't support references of a type throw an error before trying to download it.
add support for ssh without a passphrase
ethanfrogers
force-pushed
the
git-repo-ssh-support
branch
from
3d4a3ce
to
754fa59
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
adds support for SSH authentication and also improves UX around what
happens if the users supplies a reference that isn't supported by the
auth type.