From 8322cbe3b608c6f3997c9fac6dc0af03fedfedb1 Mon Sep 17 00:00:00 2001 From: Carlos Alexandro Becker Date: Mon, 15 Jun 2020 11:16:50 -0300 Subject: [PATCH] feat: accept GIT_TOKEN Signed-off-by: Carlos Alexandro Becker --- README.md | 16 +++++++++------- pkg/buildcontext/git.go | 6 ++++++ pkg/buildcontext/git_test.go | 22 ++++++++++++++++++++++ 3 files changed, 37 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 5e0b7bdb7..5238d6802 100644 --- a/README.md +++ b/README.md @@ -176,7 +176,9 @@ If you are using Azure Blob Storage for context file, you will need to pass [Azu You can use `Personal Access Tokens` for Build Contexts from Private Repositories from [GitHub](https://blog.github.com/2012-09-21-easier-builds-and-deployments-using-git-over-https-and-oauth/). You can either pass this in as part of the git URL (e.g., `git://TOKEN@github.com/acme/myproject.git#refs/heads/mybranch`) -or using the environment variable `GIT_USERNAME`. +or using the environment variable `GIT_TOKEN`. + +You can also pass `GIT_USERNAME` and `GIT_PASSWORD` (password being the token) if you want to be explicit about the username. ### Using Standard Input If running kaniko and using Standard Input build context, you will need to add the docker or kubernetes `-i, --interactive` flag. @@ -197,7 +199,7 @@ Complete example of how to interactively run kaniko with `.tar.gz` Standard Inpu echo -e 'FROM alpine \nRUN echo "created from standard input"' > Dockerfile | tar -cf - Dockerfile | gzip -9 | kubectl run kaniko \ --rm --stdin=true \ --image=gcr.io/kaniko-project/executor:latest --restart=Never \ ---overrides='{ +--overrides='{ "apiVersion": "v1", "spec": { "containers": [ @@ -211,12 +213,12 @@ echo -e 'FROM alpine \nRUN echo "created from standard input"' > Dockerfile | ta "--context=tar://stdin", "--destination=gcr.io/my-repo/my-image" ], "volumeMounts": [ - { + { "name": "cabundle", "mountPath": "/kaniko/ssl/certs/" }, - { - "name": "docker-config", + { + "name": "docker-config", "mountPath": "/kaniko/.docker/" }] }], @@ -225,9 +227,9 @@ echo -e 'FROM alpine \nRUN echo "created from standard input"' > Dockerfile | ta "name": "cabundle", "configMap": { "name": "cabundle"}}, - { + { "name": "docker-config", - "configMap": { + "configMap": { "name": "docker-config" }} ] } diff --git a/pkg/buildcontext/git.go b/pkg/buildcontext/git.go index 18d6e2ded..61d71342e 100644 --- a/pkg/buildcontext/git.go +++ b/pkg/buildcontext/git.go @@ -34,6 +34,7 @@ const ( gitAuthUsernameEnvKey = "GIT_USERNAME" gitAuthPasswordEnvKey = "GIT_PASSWORD" + gitAuthTokenEnvKey = "GIT_TOKEN" ) var ( @@ -64,6 +65,11 @@ func (g *Git) UnpackTarFromBuildContext() (string, error) { func getGitAuth() transport.AuthMethod { username := os.Getenv(gitAuthUsernameEnvKey) password := os.Getenv(gitAuthPasswordEnvKey) + token := os.Getenv(gitAuthTokenEnvKey) + if token != "" { + username = token + password = "" + } if username != "" || password != "" { return &http.BasicAuth{ Username: username, diff --git a/pkg/buildcontext/git_test.go b/pkg/buildcontext/git_test.go index aaa487c92..cc23eefd8 100644 --- a/pkg/buildcontext/git_test.go +++ b/pkg/buildcontext/git_test.go @@ -149,6 +149,28 @@ func TestGetGitAuth(t *testing.T) { return }, }, + { + testName: "withToken", + setEnv: func() (expectedValue transport.AuthMethod) { + token := "super-secret-password-1234" + _ = os.Setenv(gitAuthTokenEnvKey, token) + expectedValue = &http.BasicAuth{Username: token} + return + }, + }, + { + testName: "withTokenUsernamePassword", + setEnv: func() (expectedValue transport.AuthMethod) { + token := "super-secret-password-1234" + username := "foo" + pass := "super-secret-password-1234" + _ = os.Setenv(gitAuthUsernameEnvKey, username) + _ = os.Setenv(gitAuthPasswordEnvKey, pass) + _ = os.Setenv(gitAuthTokenEnvKey, token) + expectedValue = &http.BasicAuth{Username: token} + return + }, + }, } for _, tt := range tests {