feat: add user auth via env

2024-04-05 17:15:16 +00:00 · 2024-04-05 17:15:16 +00:00 · 12bed27f29
parent 4fedaaafe1
commit 12bed27f29
3 changed files with 89 additions and 14 deletions
--- a/modules/context/context.go
+++ b/modules/context/context.go
@ -10,6 +10,7 @@ import (
 	"os"
 	"path"
 	"strings"
+	"time"

 	"code.gitea.io/sdk/gitea"
 	"code.gitea.io/tea/modules/config"
@ -125,6 +126,12 @@ func InitCommand(ctx *cli.Context) *TeaContext {
 		c.RepoSlug = repoFlag
 	}

+	// override config user with env variable
+	envLogin := GetLoginByEnvVar()
+	if envLogin != nil {
+		c.Login = envLogin
+	}
+
 	// override login from flag, or use default login if repo based detection failed
 	if len(loginFlag) != 0 {
 		c.Login = config.GetLoginByName(loginFlag)
@ -231,3 +238,41 @@ func contextFromLocalRepo(repoPath, remoteValue string) (*git.TeaRepo, *config.L

 	return repo, nil, "", errNotAGiteaRepo
 }
+
+func GetLoginByEnvVar() *config.Login {
+	var token string
+
+	giteaToken := os.Getenv("GITEA_TOKEN")
+	githubToken := os.Getenv("GH_TOKEN")
+	giteaInstanceUrl := os.Getenv("GITEA_INSTANCE_URL")
+
+	// if no tokens are set, or no instance url for gitea fail fast
+	if len(giteaInstanceUrl) == 0 || (len(giteaToken) == 0 && len(githubToken) == 0) {
+		return nil
+	}
+
+	token = giteaToken
+	if len(giteaToken) == 0 {
+		token = githubToken
+	}
+
+	serverURL, err := utils.ValidateAuthenticationMethod(giteaInstanceUrl, token, "", "", false, "", "")
+	if err != nil {
+		fmt.Errorf("%v", err)
+	}
+
+	login := &config.Login{
+		Name:              "TEMP_GITEA_AUTH",
+		URL:               serverURL.String(),
+		Token:             token,
+		Insecure:          true, // TODO revalidate decision
+		SSHKey:            "",
+		SSHCertPrincipal:  "",
+		SSHKeyFingerprint: "",
+		SSHAgent:          false,
+		Created:           time.Now().Unix(),
+		VersionCheck:      false,
+	}
+
+	return login
+}
--- a/modules/task/login_create.go
+++ b/modules/task/login_create.go
@ -32,21 +32,17 @@ func CreateLogin(name, token, user, passwd, otp, scopes, sshKey, giteaURL, sshCe
 		return fmt.Errorf("token already been used, delete login '%s' first", login.Name)
 	}

-	if !sshAgent && sshCertPrincipal == "" && sshKey == "" {
-		// .. if we have enough information to authenticate
-		if len(token) == 0 && (len(user)+len(passwd)) == 0 {
-			return fmt.Errorf("No token set")
-		} else if len(user) != 0 && len(passwd) == 0 {
-			return fmt.Errorf("No password set")
-		} else if len(user) == 0 && len(passwd) != 0 {
-			return fmt.Errorf("No user set")
-		}
-	}
-
-	// Normalize URL
-	serverURL, err := utils.NormalizeURL(giteaURL)
+	serverURL, err := utils.ValidateAuthenticationMethod(
+		giteaURL,
+		token,
+		user,
+		passwd,
+		sshAgent,
+		sshKey,
+		sshCertPrincipal,
+	)
 	if err != nil {
-		return fmt.Errorf("Unable to parse URL: %s", err)
+		return err
 	}

 	// check if it's a certificate the principal doesn't matter as the user
--- a/modules/utils/validate.go
+++ b/modules/utils/validate.go
@ -0,0 +1,34 @@
+package utils
+
+import (
+	"fmt"
+	"net/url"
+)
+
+func ValidateAuthenticationMethod(
+	giteaURL string,
+	token string,
+	user string,
+	passwd string,
+	sshAgent bool,
+	sshKey string,
+	sshCertPrincipal string,
+) (*url.URL, error) {
+	// Normalize URL
+	serverURL, err := NormalizeURL(giteaURL)
+	if err != nil {
+		return nil, fmt.Errorf("Unable to parse URL: %s", err)
+	}
+
+	if !sshAgent && sshCertPrincipal == "" && sshKey == "" {
+		// .. if we have enough information to authenticate
+		if len(token) == 0 && (len(user)+len(passwd)) == 0 {
+			return nil, fmt.Errorf("No token set")
+		} else if len(user) != 0 && len(passwd) == 0 {
+			return nil, fmt.Errorf("No password set")
+		} else if len(user) == 0 && len(passwd) != 0 {
+			return nil, fmt.Errorf("No user set")
+		}
+	}
+	return serverURL, nil
+}