Add support for accessing private GitHub repositories
Thank you to Faraday.
This commit is contained in:
Eric Kidd
parent
30341c0cfb
commit
96002c7986
|
|
@ -53,6 +53,11 @@ RUN curl https://sh.rustup.rs -sSf | \
|
|||
rustup target add x86_64-unknown-linux-musl
|
||||
ADD cargo-config.toml /home/rust/.cargo/config
|
||||
|
||||
# Set up a `git credentials` helper for using GH_USER and GH_TOKEN to access
|
||||
# private repositories if desired.
|
||||
ADD git-credential-ghtoken /usr/local/bin
|
||||
RUN git config --global credential.https://github.com.helper ghtoken
|
||||
|
||||
# Build a static library version of OpenSSL using musl-libc. This is
|
||||
# needed by the popular Rust `hyper` crate.
|
||||
RUN echo "Building OpenSSL" && \
|
||||
|
|
|
|||
|
|
@ -0,0 +1,79 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Usage: git-credential-ghtoken <operation>
|
||||
#
|
||||
# Allows `git` to authenticate with GitHub using `GH_USER` and `GH_TOKEN`
|
||||
# environment variables.
|
||||
#
|
||||
# To install this:
|
||||
#
|
||||
# git config --global credential.https://github.com.helper \
|
||||
# "$(pwd)/scripts/git-credential-ghtoken"
|
||||
#
|
||||
# Or copy it into your path and run:
|
||||
#
|
||||
# git config --global credential.https://github.com.helper ghtoken
|
||||
#
|
||||
#
|
||||
# Copyright (c) 2018 Faraday, Inc.
|
||||
#
|
||||
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
# of this software and associated documentation files (the "Software"), to deal
|
||||
# in the Software without restriction, including without limitation the rights
|
||||
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
# copies of the Software, and to permit persons to whom the Software is
|
||||
# furnished to do so, subject to the following conditions:
|
||||
#
|
||||
# The above copyright notice and this permission notice shall be included in all
|
||||
# copies or substantial portions of the Software.
|
||||
#
|
||||
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
# SOFTWARE.
|
||||
|
||||
# Standard paranoia.
|
||||
set -euo pipefail
|
||||
|
||||
# Parse our command-line arguments.
|
||||
operation="$1"
|
||||
|
||||
# Ignore all operations besides `get`.
|
||||
if [ "$operation" != get ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Quit now if we don't have the necessary environment variables.
|
||||
if [ ! -v GH_USER ] || [ ! -v GH_TOKEN ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Parse the input we receive from `git`.
|
||||
while read line; do
|
||||
var="$(echo "$line" | sed 's/=.*$//')"
|
||||
val="$(echo "$line" | sed 's/^.*=//')"
|
||||
case "$var" in
|
||||
# Only send credentials over HTTPS.
|
||||
protocol)
|
||||
if [ "$val" != https ]; then
|
||||
exit 0
|
||||
fi
|
||||
;;
|
||||
# Only send credentials to GitHub (just extra paranoia; change as
|
||||
# needed).
|
||||
host)
|
||||
if [ "$val" != github.com ]; then
|
||||
exit 0
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Output our credentials.
|
||||
cat <<EOD
|
||||
username=$GH_USER
|
||||
password=$GH_TOKEN
|
||||
EOD
|
||||
Loading…
Reference in New Issue