mirror of
https://github.com/game-ci/unity-builder.git
synced 2026-06-07 06:30:17 -07:00
fix: prettier formatting for orchestrator-folders-auth test
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
frostebite
102
dist/index.js
generated
vendored
102
dist/index.js
generated
vendored
@@ -327,6 +327,7 @@ class BuildParameters {
|
||||
containerRegistryRepository: input_1.default.containerRegistryRepository,
|
||||
containerRegistryImageVersion: input_1.default.containerRegistryImageVersion,
|
||||
providerStrategy: orchestrator_options_1.default.providerStrategy,
|
||||
gitAuthMode: orchestrator_options_1.default.gitAuthMode,
|
||||
buildPlatform: orchestrator_options_1.default.buildPlatform,
|
||||
kubeConfig: orchestrator_options_1.default.kubeConfig,
|
||||
containerMemory: orchestrator_options_1.default.containerMemory,
|
||||
@@ -1944,6 +1945,29 @@ exports["default"] = OrchestratorEnvironmentVariable;
|
||||
|
||||
"use strict";
|
||||
|
||||
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
||||
if (k2 === undefined) k2 = k;
|
||||
var desc = Object.getOwnPropertyDescriptor(m, k);
|
||||
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
||||
desc = { enumerable: true, get: function() { return m[k]; } };
|
||||
}
|
||||
Object.defineProperty(o, k2, desc);
|
||||
}) : (function(o, m, k, k2) {
|
||||
if (k2 === undefined) k2 = k;
|
||||
o[k2] = m[k];
|
||||
}));
|
||||
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
||||
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
||||
}) : function(o, v) {
|
||||
o["default"] = v;
|
||||
});
|
||||
var __importStar = (this && this.__importStar) || function (mod) {
|
||||
if (mod && mod.__esModule) return mod;
|
||||
var result = {};
|
||||
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
||||
__setModuleDefault(result, mod);
|
||||
return result;
|
||||
};
|
||||
var __importDefault = (this && this.__importDefault) || function (mod) {
|
||||
return (mod && mod.__esModule) ? mod : { "default": mod };
|
||||
};
|
||||
@@ -1998,12 +2022,57 @@ class OrchestratorFolders {
|
||||
static get libraryCacheFolderFull() {
|
||||
return node_path_1.default.join(OrchestratorFolders.cacheFolderForCacheKeyFull, `Library`);
|
||||
}
|
||||
/**
|
||||
* Whether to use http.extraHeader for git authentication (secure, default)
|
||||
* instead of embedding the token in clone URLs (legacy).
|
||||
*/
|
||||
static get useHeaderAuth() {
|
||||
return orchestrator_1.default.buildParameters.gitAuthMode !== 'url';
|
||||
}
|
||||
static get unityBuilderRepoUrl() {
|
||||
if (OrchestratorFolders.useHeaderAuth) {
|
||||
return `https://github.com/${orchestrator_1.default.buildParameters.orchestratorRepoName}.git`;
|
||||
}
|
||||
return `https://${orchestrator_1.default.buildParameters.gitPrivateToken}@github.com/${orchestrator_1.default.buildParameters.orchestratorRepoName}.git`;
|
||||
}
|
||||
static get targetBuildRepoUrl() {
|
||||
if (OrchestratorFolders.useHeaderAuth) {
|
||||
return `https://github.com/${orchestrator_1.default.buildParameters.githubRepo}.git`;
|
||||
}
|
||||
return `https://${orchestrator_1.default.buildParameters.gitPrivateToken}@github.com/${orchestrator_1.default.buildParameters.githubRepo}.git`;
|
||||
}
|
||||
/**
|
||||
* Shell commands to configure git authentication via http.extraHeader.
|
||||
* Uses GIT_PRIVATE_TOKEN env var so the token never appears in clone URLs or git config output.
|
||||
* This is the same mechanism used by actions/checkout.
|
||||
*
|
||||
* Only emits commands when gitAuthMode is 'header' (default). In 'url' mode,
|
||||
* returns a no-op comment since the token is already in the URL.
|
||||
*/
|
||||
static get gitAuthConfigScript() {
|
||||
if (!OrchestratorFolders.useHeaderAuth) {
|
||||
return `# git auth: using token-in-URL mode (legacy)`;
|
||||
}
|
||||
return `# git auth: configuring http.extraHeader (secure mode)
|
||||
if [ -n "$GIT_PRIVATE_TOKEN" ]; then
|
||||
git config --global http.https://github.com/.extraHeader "Authorization: Basic $(printf '%s' "x-access-token:$GIT_PRIVATE_TOKEN" | base64 -w 0)"
|
||||
fi`;
|
||||
}
|
||||
/**
|
||||
* Configure git authentication via http.extraHeader in the current Node process.
|
||||
* For use in the remote-client where shell scripts aren't used.
|
||||
* Only configures when gitAuthMode is 'header' (default).
|
||||
*/
|
||||
static async configureGitAuth() {
|
||||
if (!OrchestratorFolders.useHeaderAuth)
|
||||
return;
|
||||
const token = orchestrator_1.default.buildParameters.gitPrivateToken || process.env.GIT_PRIVATE_TOKEN || '';
|
||||
if (!token)
|
||||
return;
|
||||
const encoded = Buffer.from(`x-access-token:${token}`).toString('base64');
|
||||
const { OrchestratorSystem } = await Promise.resolve().then(() => __importStar(__nccwpck_require__(9744)));
|
||||
await OrchestratorSystem.Run(`git config --global http.https://github.com/.extraHeader "Authorization: Basic ${encoded}"`);
|
||||
}
|
||||
static get buildVolumeFolder() {
|
||||
return 'data';
|
||||
}
|
||||
@@ -2204,6 +2273,9 @@ class OrchestratorOptions {
|
||||
}
|
||||
return provider || 'local';
|
||||
}
|
||||
static get gitAuthMode() {
|
||||
return OrchestratorOptions.getInput('gitAuthMode') || 'header';
|
||||
}
|
||||
static get containerCpu() {
|
||||
return OrchestratorOptions.getInput('containerCpu') || `1024`;
|
||||
}
|
||||
@@ -7985,6 +8057,7 @@ class RemoteClient {
|
||||
}
|
||||
remote_client_logger_1.RemoteClientLogger.log(`Initializing source repository for cloning with caching of LFS files`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global advice.detachedHead false`);
|
||||
await orchestrator_folders_1.OrchestratorFolders.configureGitAuth();
|
||||
remote_client_logger_1.RemoteClientLogger.log(`Cloning the repository being built:`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global filter.lfs.smudge "git-lfs smudge --skip -- %f"`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global filter.lfs.process "git-lfs filter-process --skip"`);
|
||||
@@ -8089,10 +8162,7 @@ class RemoteClient {
|
||||
const gitPrivateToken = process.env.GIT_PRIVATE_TOKEN;
|
||||
if (gitPrivateToken) {
|
||||
remote_client_logger_1.RemoteClientLogger.log(`Attempting to pull LFS files with GIT_PRIVATE_TOKEN...`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global --unset-all url."https://github.com/".insteadOf || true`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global --unset-all url."ssh://git@github.com/".insteadOf || true`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global --unset-all url."git@github.com".insteadOf || true`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global url."https://${gitPrivateToken}@github.com/".insteadOf "https://github.com/"`);
|
||||
await RemoteClient.configureTokenAuth(gitPrivateToken);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git lfs pull`, true);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git lfs checkout || true`, true);
|
||||
remote_client_logger_1.RemoteClientLogger.log(`Successfully pulled LFS files with GIT_PRIVATE_TOKEN`);
|
||||
@@ -8107,10 +8177,7 @@ class RemoteClient {
|
||||
const githubToken = process.env.GITHUB_TOKEN;
|
||||
if (githubToken) {
|
||||
remote_client_logger_1.RemoteClientLogger.log(`Attempting to pull LFS files with GITHUB_TOKEN fallback...`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global --unset-all url."https://github.com/".insteadOf || true`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global --unset-all url."ssh://git@github.com/".insteadOf || true`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global --unset-all url."git@github.com".insteadOf || true`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global url."https://${githubToken}@github.com/".insteadOf "https://github.com/"`);
|
||||
await RemoteClient.configureTokenAuth(githubToken);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git lfs pull`, true);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git lfs checkout || true`, true);
|
||||
remote_client_logger_1.RemoteClientLogger.log(`Successfully pulled LFS files with GITHUB_TOKEN`);
|
||||
@@ -8167,6 +8234,23 @@ class RemoteClient {
|
||||
}
|
||||
return false;
|
||||
}
|
||||
/**
|
||||
* Configure git authentication for a token. In header mode (default), uses
|
||||
* http.extraHeader so the token never appears in URLs or git config output.
|
||||
* In url mode (legacy), uses url.insteadOf to embed the token in URLs.
|
||||
*/
|
||||
static async configureTokenAuth(token) {
|
||||
if (orchestrator_folders_1.OrchestratorFolders.useHeaderAuth) {
|
||||
const encoded = Buffer.from(`x-access-token:${token}`).toString('base64');
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global http.https://github.com/.extraHeader "Authorization: Basic ${encoded}"`);
|
||||
}
|
||||
else {
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global --unset-all url."https://github.com/".insteadOf || true`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global --unset-all url."ssh://git@github.com/".insteadOf || true`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global --unset-all url."git@github.com".insteadOf || true`);
|
||||
await orchestrator_system_1.OrchestratorSystem.Run(`git config --global url."https://${token}@github.com/".insteadOf "https://github.com/"`);
|
||||
}
|
||||
}
|
||||
}
|
||||
__decorate([
|
||||
(0, cli_functions_repository_1.CliFunction)(`remote-cli-pre-build`, `sets up a repository, usually before a game-ci build`)
|
||||
@@ -9725,6 +9809,7 @@ printenv
|
||||
git config --global advice.detachedHead false
|
||||
git config --global filter.lfs.smudge "git-lfs smudge --skip -- %f"
|
||||
git config --global filter.lfs.process "git-lfs filter-process --skip"
|
||||
${orchestrator_folders_1.OrchestratorFolders.gitAuthConfigScript}
|
||||
BRANCH="${orchestrator_1.default.buildParameters.orchestratorBranch}"
|
||||
REPO="${orchestrator_folders_1.OrchestratorFolders.unityBuilderRepoUrl}"
|
||||
if [ -n "$(git ls-remote --heads "$REPO" "$BRANCH" 2>/dev/null)" ]; then
|
||||
@@ -9842,6 +9927,7 @@ class BuildAutomationWorkflow {
|
||||
static setupCommands(builderPath, isContainerized) {
|
||||
// prettier-ignore
|
||||
const commands = `mkdir -p ${orchestrator_folders_1.OrchestratorFolders.ToLinuxFolder(orchestrator_folders_1.OrchestratorFolders.builderPathAbsolute)}
|
||||
${orchestrator_folders_1.OrchestratorFolders.gitAuthConfigScript}
|
||||
BRANCH="${orchestrator_1.default.buildParameters.orchestratorBranch}"
|
||||
REPO="${orchestrator_folders_1.OrchestratorFolders.unityBuilderRepoUrl}"
|
||||
DEST="${orchestrator_folders_1.OrchestratorFolders.ToLinuxFolder(orchestrator_folders_1.OrchestratorFolders.builderPathAbsolute)}"
|
||||
|
||||
2
dist/index.js.map
generated
vendored
2
dist/index.js.map
generated
vendored
File diff suppressed because one or more lines are too long
@@ -111,12 +111,8 @@ describe('OrchestratorFolders git auth', () => {
|
||||
|
||||
// Verify the base64 encoding and extraHeader config are correct
|
||||
const expectedEncoded = Buffer.from('x-access-token:ghp_test123').toString('base64');
|
||||
expect(OrchestratorSystem.Run).toHaveBeenCalledWith(
|
||||
expect.stringContaining(expectedEncoded),
|
||||
);
|
||||
expect(OrchestratorSystem.Run).toHaveBeenCalledWith(
|
||||
expect.stringContaining('.extraHeader'),
|
||||
);
|
||||
expect(OrchestratorSystem.Run).toHaveBeenCalledWith(expect.stringContaining(expectedEncoded));
|
||||
expect(OrchestratorSystem.Run).toHaveBeenCalledWith(expect.stringContaining('.extraHeader'));
|
||||
});
|
||||
|
||||
it('should not run git config in url mode', async () => {
|
||||
|
||||
Reference in New Issue
Block a user