Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Always try to use oAuth token when fetching git repositories #301

Merged
merged 1 commit into from
May 10, 2022
Merged

feat: Always try to use oAuth token when fetching git repositories #301

merged 1 commit into from
May 10, 2022

Conversation

benoitf
Copy link
Contributor

@benoitf benoitf commented May 6, 2022

What does this PR do?

Use secrets when fetching git data and initiate oAuth workflow if possible

Before, it was done only in case of private repositories
Now it will try on all public and private repositories
If there is no oAuth configured for the current SCM URL, try to fetch
with unauthenticated access

Screenshot/screencast of this PR

What issues does this PR fix or reference?

eclipse-che/che#21346

How to test this PR?

  • Try to import a public project without any oAuth provider: should work as before (like a github URL)
  • Setup github oAuth for example and then try to import a public project. You'll check that oAuth dialog is prompted and then we have github personal access token

PR Checklist

As the author of this Pull Request I made sure that:

Reviewers

Reviewers, please comment how you tested the PR when approving it.

@benoitf
feat: Always try to use oAuth token when fetching git repositories
e923bcc 
Before, it was done only in case of private repositories
Now it will try on all public and private repositories
If there is no oAuth configured for the current SCM URL, try to fetch
with unauthenticated access
@mshaposhnik
Copy link
Contributor

Generally looks ok, only one question: will it initiate OAuth if you have GitHub configured, but trying to get the public repo?

@benoitf
Copy link
Contributor Author

benoitf commented May 9, 2022

will it initiate OAuth if you have GitHub configured, but trying to get the public repo?

The workflow is the following:
if you have the secret like

apiVersion: v1
metadata:
  name: github-oauth-config
  namespace: eclipse-che
  labels:
    app.kubernetes.io/part-of: che.eclipse.org
    app.kubernetes.io/component: oauth-scm-configuration
  annotations:
    che.eclipse.org/oauth-scm-server: github

Then, trying to import a public devfile repository like https://github.com/che-samples/java-spring-petclinic/tree/devfilev2 will then throw an exception to dashboard asking to perform the oAuth workflow

Then Dashboard will prompt oAuth and a github secret (personal access token) will be added to the namespace

Then, dashboard will initiate again the same request, and as we have personal access token, it will fetch data and we'll be authenticated on the container.

So it works either on private or public repositories.

@mshaposhnik
Copy link
Contributor

Ok if that's expected

@benoitf benoitf merged commit 7878b13 into eclipse-che:main May 10, 2022
@benoitf benoitf deleted the CHE-21346 branch May 10, 2022 08:34
@che-bot che-bot added this to the 7.48 milestone May 10, 2022
@benoitf benoitf mentioned this pull request May 12, 2022
Closed
@amisevsk amisevsk mentioned this pull request May 31, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mshaposhnik mshaposhnik mshaposhnik approved these changes

@nickboldt nickboldt Awaiting requested review from nickboldt

@skabashnyuk skabashnyuk Awaiting requested review from skabashnyuk

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
7.48
Development

Successfully merging this pull request may close these issues.
3 participants
@benoitf @mshaposhnik @che-bot