From 518a86712763e425471c9416e745630623e0c96d Mon Sep 17 00:00:00 2001 From: eric sciple Date: Wed, 11 Mar 2020 19:18:07 -0400 Subject: [PATCH] persist core.sshCommand for submodules --- __test__/git-auth-helper.test.ts | 166 +++++++++++++------------------ dist/index.js | 21 ++-- src/git-auth-helper.ts | 23 +++-- 3 files changed, 99 insertions(+), 111 deletions(-) diff --git a/__test__/git-auth-helper.test.ts b/__test__/git-auth-helper.test.ts index dc03ab3..67e1301 100644 --- a/__test__/git-auth-helper.test.ts +++ b/__test__/git-auth-helper.test.ts @@ -437,14 +437,74 @@ describe('git-auth-helper tests', () => { } ) - const configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeyNotSet = - 'configureSubmoduleAuth configures token when persist credentials true and SSH key not set' + const configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeyNotSet = + 'configureSubmoduleAuth configures submodules when persist credentials false and SSH key not set' it( - configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeyNotSet, + configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeyNotSet, async () => { // Arrange await setup( - configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeyNotSet + configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeyNotSet + ) + settings.persistCredentials = false + settings.sshKey = '' + const authHelper = gitAuthHelper.createAuthHelper(git, settings) + await authHelper.configureAuth() + const mockSubmoduleForeach = git.submoduleForeach as jest.Mock + mockSubmoduleForeach.mockClear() // reset calls + + // Act + await authHelper.configureSubmoduleAuth() + + // Assert + expect(mockSubmoduleForeach).toBeCalledTimes(1) + expect(mockSubmoduleForeach.mock.calls[0][0] as string).toMatch( + /unset-all.*insteadOf/ + ) + } + ) + + const configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeySet = + 'configureSubmoduleAuth configures submodules when persist credentials false and SSH key set' + it( + configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeySet, + async () => { + if (!sshPath) { + process.stdout.write( + `Skipped test "${configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeySet}". Executable 'ssh' not found in the PATH.\n` + ) + return + } + + // Arrange + await setup( + configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeySet + ) + settings.persistCredentials = false + const authHelper = gitAuthHelper.createAuthHelper(git, settings) + await authHelper.configureAuth() + const mockSubmoduleForeach = git.submoduleForeach as jest.Mock + mockSubmoduleForeach.mockClear() // reset calls + + // Act + await authHelper.configureSubmoduleAuth() + + // Assert + expect(mockSubmoduleForeach).toHaveBeenCalledTimes(1) + expect(mockSubmoduleForeach.mock.calls[0][0]).toMatch( + /unset-all.*insteadOf/ + ) + } + ) + + const configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeyNotSet = + 'configureSubmoduleAuth configures submodules when persist credentials true and SSH key not set' + it( + configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeyNotSet, + async () => { + // Arrange + await setup( + configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeyNotSet ) settings.sshKey = '' const authHelper = gitAuthHelper.createAuthHelper(git, settings) @@ -465,21 +525,21 @@ describe('git-auth-helper tests', () => { } ) - const configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeySet = - 'configureSubmoduleAuth configures token when persist credentials true and SSH key set' + const configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeySet = + 'configureSubmoduleAuth configures submodules when persist credentials true and SSH key set' it( - configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeySet, + configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeySet, async () => { if (!sshPath) { process.stdout.write( - `Skipped test "${configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeySet}". Executable 'ssh' not found in the PATH.\n` + `Skipped test "${configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeySet}". Executable 'ssh' not found in the PATH.\n` ) return } // Arrange await setup( - configureSubmoduleAuth_configuresTokenWhenPersistCredentialsTrueAndSshKeySet + configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeySet ) const authHelper = gitAuthHelper.createAuthHelper(git, settings) await authHelper.configureAuth() @@ -490,96 +550,12 @@ describe('git-auth-helper tests', () => { await authHelper.configureSubmoduleAuth() // Assert - expect(mockSubmoduleForeach).toHaveBeenCalledTimes(2) + expect(mockSubmoduleForeach).toHaveBeenCalledTimes(3) expect(mockSubmoduleForeach.mock.calls[0][0]).toMatch( /unset-all.*insteadOf/ ) expect(mockSubmoduleForeach.mock.calls[1][0]).toMatch(/http.*extraheader/) - } - ) - - const configureSubmoduleAuth_doesNotConfigureTokenWhenPersistCredentialsFalse = - 'configureSubmoduleAuth does not configure token when persist credentials false' - it( - configureSubmoduleAuth_doesNotConfigureTokenWhenPersistCredentialsFalse, - async () => { - // Arrange - await setup( - configureSubmoduleAuth_doesNotConfigureTokenWhenPersistCredentialsFalse - ) - settings.persistCredentials = false - const authHelper = gitAuthHelper.createAuthHelper(git, settings) - await authHelper.configureAuth() - const mockSubmoduleForeach = git.submoduleForeach as jest.Mock - mockSubmoduleForeach.mockClear() // reset calls - - // Act - await authHelper.configureSubmoduleAuth() - - // Assert - expect(mockSubmoduleForeach).toBeCalledTimes(1) - expect(mockSubmoduleForeach.mock.calls[0][0] as string).toMatch( - /unset-all.*insteadOf/ - ) - } - ) - - const configureSubmoduleAuth_doesNotConfigureUrlInsteadOfWhenPersistCredentialsTrueAndSshKeySet = - 'configureSubmoduleAuth does not configure URL insteadOf when persist credentials true and SSH key set' - it( - configureSubmoduleAuth_doesNotConfigureUrlInsteadOfWhenPersistCredentialsTrueAndSshKeySet, - async () => { - if (!sshPath) { - process.stdout.write( - `Skipped test "${configureSubmoduleAuth_doesNotConfigureUrlInsteadOfWhenPersistCredentialsTrueAndSshKeySet}". Executable 'ssh' not found in the PATH.\n` - ) - return - } - - // Arrange - await setup( - configureSubmoduleAuth_doesNotConfigureUrlInsteadOfWhenPersistCredentialsTrueAndSshKeySet - ) - const authHelper = gitAuthHelper.createAuthHelper(git, settings) - await authHelper.configureAuth() - const mockSubmoduleForeach = git.submoduleForeach as jest.Mock - mockSubmoduleForeach.mockClear() // reset calls - - // Act - await authHelper.configureSubmoduleAuth() - - // Assert - expect(mockSubmoduleForeach).toHaveBeenCalledTimes(2) - expect(mockSubmoduleForeach.mock.calls[0][0]).toMatch( - /unset-all.*insteadOf/ - ) - expect(mockSubmoduleForeach.mock.calls[1][0]).toMatch(/http.*extraheader/) - } - ) - - const configureSubmoduleAuth_removesUrlInsteadOfWhenPersistCredentialsFalse = - 'configureSubmoduleAuth removes URL insteadOf when persist credentials false' - it( - configureSubmoduleAuth_removesUrlInsteadOfWhenPersistCredentialsFalse, - async () => { - // Arrange - await setup( - configureSubmoduleAuth_removesUrlInsteadOfWhenPersistCredentialsFalse - ) - settings.persistCredentials = false - const authHelper = gitAuthHelper.createAuthHelper(git, settings) - await authHelper.configureAuth() - const mockSubmoduleForeach = git.submoduleForeach as jest.Mock - mockSubmoduleForeach.mockClear() // reset calls - - // Act - await authHelper.configureSubmoduleAuth() - - // Assert - expect(mockSubmoduleForeach).toBeCalledTimes(1) - expect(mockSubmoduleForeach.mock.calls[0][0] as string).toMatch( - /unset-all.*insteadOf/ - ) + expect(mockSubmoduleForeach.mock.calls[2][0]).toMatch(/core\.sshCommand/) } ) diff --git a/dist/index.js b/dist/index.js index 706f035..c7f2bca 100644 --- a/dist/index.js +++ b/dist/index.js @@ -5122,6 +5122,7 @@ class GitAuthHelper { this.tokenConfigKey = `http.https://${HOSTNAME}/.extraheader`; this.insteadOfKey = `url.https://${HOSTNAME}/.insteadOf`; this.insteadOfValue = `git@${HOSTNAME}:`; + this.sshCommand = ''; this.sshKeyPath = ''; this.sshKnownHostsPath = ''; this.temporaryHomePath = ''; @@ -5205,8 +5206,12 @@ class GitAuthHelper { core.debug(`Replacing token placeholder in '${configPath}'`); this.replaceTokenPlaceholder(configPath); } - // Configure HTTPS instead of SSH - if (!this.settings.sshKey) { + if (this.settings.sshKey) { + // Configure core.sshCommand + yield this.git.submoduleForeach(`git config --local '${SSH_COMMAND_KEY}' '${this.sshCommand}'`, this.settings.nestedSubmodules); + } + else { + // Configure HTTPS instead of SSH yield this.git.submoduleForeach(`git config --local '${this.insteadOfKey}' '${this.insteadOfValue}'`, this.settings.nestedSubmodules); } } @@ -5268,16 +5273,16 @@ class GitAuthHelper { yield fs.promises.writeFile(this.sshKnownHostsPath, knownHosts); // Configure GIT_SSH_COMMAND const sshPath = yield io.which('ssh', true); - let sshCommand = `"${sshPath}" -i "$RUNNER_TEMP/${path.basename(this.sshKeyPath)}"`; + this.sshCommand = `"${sshPath}" -i "$RUNNER_TEMP/${path.basename(this.sshKeyPath)}"`; if (this.settings.sshStrict) { - sshCommand += ' -o StrictHostKeyChecking=yes -o CheckHostIP=no'; + this.sshCommand += ' -o StrictHostKeyChecking=yes -o CheckHostIP=no'; } - sshCommand += ` -o "UserKnownHostsFile=$RUNNER_TEMP/${path.basename(this.sshKnownHostsPath)}"`; - core.info(`Temporarily overriding GIT_SSH_COMMAND=${sshCommand}`); - this.git.setEnvironmentVariable('GIT_SSH_COMMAND', sshCommand); + this.sshCommand += ` -o "UserKnownHostsFile=$RUNNER_TEMP/${path.basename(this.sshKnownHostsPath)}"`; + core.info(`Temporarily overriding GIT_SSH_COMMAND=${this.sshCommand}`); + this.git.setEnvironmentVariable('GIT_SSH_COMMAND', this.sshCommand); // Configure core.sshCommand if (this.settings.persistCredentials) { - yield this.git.config(SSH_COMMAND_KEY, sshCommand); + yield this.git.config(SSH_COMMAND_KEY, this.sshCommand); } }); } diff --git a/src/git-auth-helper.ts b/src/git-auth-helper.ts index 7418c7c..06e8912 100644 --- a/src/git-auth-helper.ts +++ b/src/git-auth-helper.ts @@ -37,6 +37,7 @@ class GitAuthHelper { private readonly tokenPlaceholderConfigValue: string private readonly insteadOfKey: string = `url.https://${HOSTNAME}/.insteadOf` private readonly insteadOfValue: string = `git@${HOSTNAME}:` + private sshCommand = '' private sshKeyPath = '' private sshKnownHostsPath = '' private temporaryHomePath = '' @@ -144,8 +145,14 @@ class GitAuthHelper { this.replaceTokenPlaceholder(configPath) } - // Configure HTTPS instead of SSH - if (!this.settings.sshKey) { + if (this.settings.sshKey) { + // Configure core.sshCommand + await this.git.submoduleForeach( + `git config --local '${SSH_COMMAND_KEY}' '${this.sshCommand}'`, + this.settings.nestedSubmodules + ) + } else { + // Configure HTTPS instead of SSH await this.git.submoduleForeach( `git config --local '${this.insteadOfKey}' '${this.insteadOfValue}'`, this.settings.nestedSubmodules @@ -218,21 +225,21 @@ class GitAuthHelper { // Configure GIT_SSH_COMMAND const sshPath = await io.which('ssh', true) - let sshCommand = `"${sshPath}" -i "$RUNNER_TEMP/${path.basename( + this.sshCommand = `"${sshPath}" -i "$RUNNER_TEMP/${path.basename( this.sshKeyPath )}"` if (this.settings.sshStrict) { - sshCommand += ' -o StrictHostKeyChecking=yes -o CheckHostIP=no' + this.sshCommand += ' -o StrictHostKeyChecking=yes -o CheckHostIP=no' } - sshCommand += ` -o "UserKnownHostsFile=$RUNNER_TEMP/${path.basename( + this.sshCommand += ` -o "UserKnownHostsFile=$RUNNER_TEMP/${path.basename( this.sshKnownHostsPath )}"` - core.info(`Temporarily overriding GIT_SSH_COMMAND=${sshCommand}`) - this.git.setEnvironmentVariable('GIT_SSH_COMMAND', sshCommand) + core.info(`Temporarily overriding GIT_SSH_COMMAND=${this.sshCommand}`) + this.git.setEnvironmentVariable('GIT_SSH_COMMAND', this.sshCommand) // Configure core.sshCommand if (this.settings.persistCredentials) { - await this.git.config(SSH_COMMAND_KEY, sshCommand) + await this.git.config(SSH_COMMAND_KEY, this.sshCommand) } }