mirrors/woodpecker
1
0
Fork 0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2024-12-22 16:36:30 +00:00
Code Issues Projects Releases Wiki Activity

Add flag to always authenticate when cloning public repositories (#760)

Browse source 
As a developer using an custom git server (e.g. Github Enterprise) I would like to be able to authenticate 
the user on repositories which are marked as public.

See issue: https://github.com/woodpecker-ci/woodpecker/issues/473

Ref: https://github.com/woodpecker-ci/woodpecker/pull/693#issuecomment-1025771162
This commit is contained in:
Zav Shotan 2022-02-08 11:55:08 -05:00 committed by GitHub
parent 8ce41788e8
commit f16525fae5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 19 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
cmd/server/flags.go
View file

@ -91,6 +91,11 @@ var flags = []cli.Flag{
Name: "open", Name: "open",
Usage: "enable open user registration", Usage: "enable open user registration",
}, },
&cli.BoolFlag{
EnvVars: []string{"WOODPECKER_AUTHENTICATE_PUBLIC_REPOS"},
Name: "authenticate-public-repos",
Usage: "Always use authentication to clone repositories even if they are public. Needed if the SCM requires to always authenticate as used by many companies.",
},
&cli.StringFlag{ &cli.StringFlag{
EnvVars: []string{"WOODPECKER_DOCS"}, EnvVars: []string{"WOODPECKER_DOCS"},
Name: "docs", Name: "docs",

3
cmd/server/server.go
View file

@ -271,6 +271,9 @@ func setupEvilGlobals(c *cli.Context, v store.Store, r remote.Remote) {
server.Config.Services.Senders = sender.NewRemote(endpoint) server.Config.Services.Senders = sender.NewRemote(endpoint)
} }
// authentication
server.Config.Pipeline.AuthenticatePublicRepos = c.Bool("authenticate-public-repos")
// limits // limits
server.Config.Pipeline.Limits.MemSwapLimit = c.Int64("limit-mem-swap") server.Config.Pipeline.Limits.MemSwapLimit = c.Int64("limit-mem-swap")
server.Config.Pipeline.Limits.MemLimit = c.Int64("limit-mem") server.Config.Pipeline.Limits.MemLimit = c.Int64("limit-mem")

5
docs/docs/30-administration/10-server-config.md
View file

@ -159,6 +159,11 @@ Enable to allow user registration.
Link to documentation in the UI. Link to documentation in the UI.
### `WOODPECKER_AUTHENTICATE_PUBLIC_REPOS`
> Default: `false`
Always use authentication to clone repositories even if they are public. Needed if the SCM requires to always authenticate as used by many companies.
### `WOODPECKER_SESSION_EXPIRES` ### `WOODPECKER_SESSION_EXPIRES`
> Default: `72h` > Default: `72h`

1
server/config.go
View file

@ -66,6 +66,7 @@ var Config = struct {
AuthToken string AuthToken string
} }
Pipeline struct { Pipeline struct {
AuthenticatePublicRepos bool
Limits model.ResourceLimit Limits model.ResourceLimit
Volumes []string Volumes []string
Networks []string Networks []string

2
server/shared/procBuilder.go
View file

@ -244,7 +244,7 @@ func (b *ProcBuilder) toInternalRepresentation(parsed *yaml.Config, environ map[
b.Netrc.Password, b.Netrc.Password,
b.Netrc.Machine, b.Netrc.Machine,
), ),
b.Repo.IsSCMPrivate, b.Repo.IsSCMPrivate || server.Config.Pipeline.AuthenticatePublicRepos,
), ),
compiler.WithRegistry(registries...), compiler.WithRegistry(registries...),
compiler.WithSecret(secrets...), compiler.WithSecret(secrets...),