mirror of
https://github.com/woodpecker-ci/woodpecker.git
synced 2024-12-22 16:36:30 +00:00
Add flag to always authenticate when cloning public repositories (#760)
As a developer using an custom git server (e.g. Github Enterprise) I would like to be able to authenticate the user on repositories which are marked as public. See issue: https://github.com/woodpecker-ci/woodpecker/issues/473 Ref: https://github.com/woodpecker-ci/woodpecker/pull/693#issuecomment-1025771162
This commit is contained in:
parent
8ce41788e8
commit
f16525fae5
5 changed files with 19 additions and 5 deletions
|
@ -91,6 +91,11 @@ var flags = []cli.Flag{
|
||||||
Name: "open",
|
Name: "open",
|
||||||
Usage: "enable open user registration",
|
Usage: "enable open user registration",
|
||||||
},
|
},
|
||||||
|
&cli.BoolFlag{
|
||||||
|
EnvVars: []string{"WOODPECKER_AUTHENTICATE_PUBLIC_REPOS"},
|
||||||
|
Name: "authenticate-public-repos",
|
||||||
|
Usage: "Always use authentication to clone repositories even if they are public. Needed if the SCM requires to always authenticate as used by many companies.",
|
||||||
|
},
|
||||||
&cli.StringFlag{
|
&cli.StringFlag{
|
||||||
EnvVars: []string{"WOODPECKER_DOCS"},
|
EnvVars: []string{"WOODPECKER_DOCS"},
|
||||||
Name: "docs",
|
Name: "docs",
|
||||||
|
|
|
@ -271,6 +271,9 @@ func setupEvilGlobals(c *cli.Context, v store.Store, r remote.Remote) {
|
||||||
server.Config.Services.Senders = sender.NewRemote(endpoint)
|
server.Config.Services.Senders = sender.NewRemote(endpoint)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// authentication
|
||||||
|
server.Config.Pipeline.AuthenticatePublicRepos = c.Bool("authenticate-public-repos")
|
||||||
|
|
||||||
// limits
|
// limits
|
||||||
server.Config.Pipeline.Limits.MemSwapLimit = c.Int64("limit-mem-swap")
|
server.Config.Pipeline.Limits.MemSwapLimit = c.Int64("limit-mem-swap")
|
||||||
server.Config.Pipeline.Limits.MemLimit = c.Int64("limit-mem")
|
server.Config.Pipeline.Limits.MemLimit = c.Int64("limit-mem")
|
||||||
|
|
|
@ -159,6 +159,11 @@ Enable to allow user registration.
|
||||||
|
|
||||||
Link to documentation in the UI.
|
Link to documentation in the UI.
|
||||||
|
|
||||||
|
### `WOODPECKER_AUTHENTICATE_PUBLIC_REPOS`
|
||||||
|
> Default: `false`
|
||||||
|
|
||||||
|
Always use authentication to clone repositories even if they are public. Needed if the SCM requires to always authenticate as used by many companies.
|
||||||
|
|
||||||
### `WOODPECKER_SESSION_EXPIRES`
|
### `WOODPECKER_SESSION_EXPIRES`
|
||||||
> Default: `72h`
|
> Default: `72h`
|
||||||
|
|
||||||
|
|
|
@ -66,10 +66,11 @@ var Config = struct {
|
||||||
AuthToken string
|
AuthToken string
|
||||||
}
|
}
|
||||||
Pipeline struct {
|
Pipeline struct {
|
||||||
Limits model.ResourceLimit
|
AuthenticatePublicRepos bool
|
||||||
Volumes []string
|
Limits model.ResourceLimit
|
||||||
Networks []string
|
Volumes []string
|
||||||
Privileged []string
|
Networks []string
|
||||||
|
Privileged []string
|
||||||
}
|
}
|
||||||
FlatPermissions bool // TODO(485) temporary workaround to not hit api rate limits
|
FlatPermissions bool // TODO(485) temporary workaround to not hit api rate limits
|
||||||
}{}
|
}{}
|
||||||
|
|
|
@ -244,7 +244,7 @@ func (b *ProcBuilder) toInternalRepresentation(parsed *yaml.Config, environ map[
|
||||||
b.Netrc.Password,
|
b.Netrc.Password,
|
||||||
b.Netrc.Machine,
|
b.Netrc.Machine,
|
||||||
),
|
),
|
||||||
b.Repo.IsSCMPrivate,
|
b.Repo.IsSCMPrivate || server.Config.Pipeline.AuthenticatePublicRepos,
|
||||||
),
|
),
|
||||||
compiler.WithRegistry(registries...),
|
compiler.WithRegistry(registries...),
|
||||||
compiler.WithSecret(secrets...),
|
compiler.WithSecret(secrets...),
|
||||||
|
|
Loading…
Reference in a new issue