diff options
author | Sadayuki Furuhashi <frsyuki@gmail.com> | 2015-07-30 13:43:54 -0700 |
---|---|---|
committer | Sadayuki Furuhashi <frsyuki@gmail.com> | 2015-07-30 13:43:54 -0700 |
commit | 1ab54c17e80fd4569bee2e4f14484642a0fa3bb1 (patch) | |
tree | 9bde2945119054ce41f39c799c12dce1a72f9491 | |
parent | 6afa89217cf052c58316da1f2be7bf54749ff9de (diff) | |
download | bundler-1ab54c17e80fd4569bee2e4f14484642a0fa3bb1.tar.gz |
Private access credentials for private git repositories
Pull-request #2825 added support for authorization credentials provided
by bundle-config for rubygems source. This change adds the same support
for HTTP(S) URL of git source.
Users can provide username and password as following:
bundle config https://github.com/bundler/bundler.git username:password
or
export BUNDLE_GITHUB__COM=username:password
Especially for private repositories on Github, users can use personal
OAuth tokens:
export BUNDLE_GITHUB__COM=abcd0123generatedtoken:x-oauth-basic
This enables us to easily deploy ruby code hosted on github private
repositories to production servers where storing shared password in
plain text at ~/.git-credentials is security risk.
-rw-r--r-- | lib/bundler/source/git/git_proxy.rb | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/lib/bundler/source/git/git_proxy.rb b/lib/bundler/source/git/git_proxy.rb index 0659d04452..e01847d030 100644 --- a/lib/bundler/source/git/git_proxy.rb +++ b/lib/bundler/source/git/git_proxy.rb @@ -68,12 +68,12 @@ module Bundler return if has_revision_cached? Bundler.ui.confirm "Updating #{uri}" in_path do - git_retry %|fetch --force --quiet --tags #{uri_escaped} "refs/heads/*:refs/heads/*"| + git_retry %|fetch --force --quiet --tags #{uri_escaped_with_configured_credentials} "refs/heads/*:refs/heads/*"| end else Bundler.ui.info "Fetching #{uri}" FileUtils.mkdir_p(path.dirname) - git_retry %|clone #{uri_escaped} "#{path}" --bare --no-hardlinks --quiet| + git_retry %|clone #{uri_escaped_with_configured_credentials} "#{path}" --bare --no-hardlinks --quiet| end end @@ -136,15 +136,28 @@ module Bundler end # Escape the URI for git commands - def uri_escaped + def uri_escaped_with_configured_credentials + remote = configured_uri_for(uri) if Bundler::WINDOWS # Windows quoting requires double quotes only, with double quotes # inside the string escaped by being doubled. - '"' + uri.gsub('"') { '""' } + '"' + '"' + remote.gsub('"') {|s| '""'} + '"' else # Bash requires single quoted strings, with the single quotes escaped # by ending the string, escaping the quote, and restarting the string. - "'" + uri.gsub("'") { "'\\''" } + "'" + "'" + remote.gsub("'") {|s| "'\\''"} + "'" + end + end + + # Adds credentials to the URI as Fetcher#configured_uri_for does + def configured_uri_for(uri) + if /https?:/ =~ uri + remote = URI(uri) + config_auth = Bundler.settings[remote.to_s] || Bundler.settings[remote.host] + remote.userinfo ||= config_auth + remote.to_s + else + uri end end |