Skip to content

Commit

Permalink
WIP
Browse files Browse the repository at this point in the history
  • Loading branch information
thockin committed Sep 20, 2023
1 parent a758776 commit e3447a4
Showing 1 changed file with 29 additions and 30 deletions.
59 changes: 29 additions & 30 deletions main.go
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,6 @@ const (

const defaultDirMode = os.FileMode(0775) // subject to umask

// FIXME: should this carry SSH keys? if so, sub-structs?
type credential struct {
URL string `json:"url"`
Username string `json:"username"`
Expand Down Expand Up @@ -832,21 +831,27 @@ func main() {
}
}

if *flPassword != "" && *flPasswordFile != "" {
handleConfigError(log, true, "ERROR: only one of --password and --password-file may be specified")
}
if *flUsername != "" {
if *flPassword == "" && *flPasswordFile == "" {
handleConfigError(log, true, "ERROR: --password or --password-file must be set when --username is specified")
handleConfigError(log, true, "ERROR: --password or --password-file must be specified when --username is specified")
}
if *flPassword != "" && *flPasswordFile != "" {
handleConfigError(log, true, "ERROR: only one of --password and --password-file may be specified")
}
} else {
if *flPassword != "" {
handleConfigError(log, true, "ERROR: --password may only be specified when --username is specified")
}
if *flPasswordFile != "" {
handleConfigError(log, true, "ERROR: --password-file may only be specified when --username is specified")
}
}
//FIXME: mutex wih flCredentials?

credentials := []credential{}
if len(*flCredentials) > 0 {
for _, cred := range *flCredentials {
if cred.URL == "" {
//FIXME: can it default to --repo?
//FIXME: can it default to --repo? Then --username can be deprecated
handleConfigError(log, true, "ERROR: --credential URL must be specified")
}
if cred.Username == "" {
Expand All @@ -858,11 +863,10 @@ func main() {
if cred.Password != "" && cred.PasswordFile != "" {
handleConfigError(log, true, "ERROR: only one of --credential password and password-file may be specified")
}
//FIXME: askpass for this purpose, too?
credentials = append(credentials, cred)
}
}

//FIXME: do I need --ssh at all? With submodules, all sorts of variations can be in flight
if *flSSH {
if *flUsername != "" {
handleConfigError(log, true, "ERROR: only one of --ssh and --username may be specified")
Expand All @@ -873,7 +877,7 @@ func main() {
if *flPasswordFile != "" {
handleConfigError(log, true, "ERROR: only one of --ssh and --password-file may be specified")
}
//FIXME: mutex wih flCredentials?
//FIXME: can I use askpass and --credential together?
if *flAskPassURL != "" {
handleConfigError(log, true, "ERROR: only one of --ssh and --askpass-url may be specified")
}
Expand Down Expand Up @@ -946,6 +950,17 @@ func main() {
absLink := makeAbsPath(*flLink, absRoot)
absTouchFile := makeAbsPath(*flTouchFile, absRoot)

// Merge credential sources.
if *flUsername != "" {
cred := credential{
URL: *flRepo,
Username: *flUsername,
Password: *flPassword,
PasswordFile: *flPasswordFile,
}
*flCredentials = append([]credential{cred}, (*flCredentials)...)
}

if *flAddUser {
if err := addUser(); err != nil {
log.Error(err, "ERROR: can't add user")
Expand Down Expand Up @@ -992,19 +1007,9 @@ func main() {
os.Exit(1)
}

// FIXME: merge into flCredentials
if *flUsername != "" {
if *flPasswordFile != "" {
passwordFileBytes, err := os.ReadFile(*flPasswordFile)
if err != nil {
log.Error(err, "can't read password file", "file", *flPasswordFile)
os.Exit(1)
}
*flPassword = string(passwordFileBytes)
}
}
//FIXME: merge
for _, cred := range credentials {
// Finish populating credentials.
for i := range *flCredentials {
cred := &(*flCredentials)[i]
if cred.PasswordFile != "" {
passwordFileBytes, err := os.ReadFile(cred.PasswordFile)
if err != nil {
Expand Down Expand Up @@ -1135,14 +1140,8 @@ func main() {

// Craft a function that can be called to refresh credentials when needed.
refreshCreds := func(ctx context.Context) error {
//FIXME: still mutually exclusive?
// These should all be mutually-exclusive configs.
if *flUsername != "" {
if err := git.StoreCredentials(ctx, git.repo, *flUsername, *flPassword); err != nil {
return err
}
}
for _, cred := range credentials {
for _, cred := range *flCredentials {
if err := git.StoreCredentials(ctx, cred.URL, cred.Username, cred.Password); err != nil {
return err
}
Expand Down

0 comments on commit e3447a4

Please sign in to comment.