fix(KFLUXBUGS-1215): prefetch: add git auth support and logging #944
Conversation
scoheb
force-pushed
the
prefetch-gitauth
branch
from
ebdc1a2 to
1685757
Compare
scoheb
changed the title
| |---|-----------------------------------------------------------------------------------------------------------------------------------------------------|---|---| | ||
| |input| Configures project packages that will have their dependencies prefetched. ||true| | ||
| |dev-package-managers| Enable in-development package managers. WARNING: the behavior may change at any time without notice. Use at your own risk. |false|false| | ||
| |enable-debug-logging| Enable debug logging with cachi2 |false|false| |
There was a problem hiding this comment.
Thanks for adding this option. Could we make it more generic?
| |enable-debug-logging| Enable debug logging with cachi2 |false|false| | |
| |log-level| Set cachi2 log level |info|false| |
There was a problem hiding this comment.
I'm concerned with the amount of logic this copy-pastes from the clone task. Do we really need # Compatibility with kubernetes.io/basic-auth secrets? If not, this would just be a cp and chmod of two files.
If we do, then oh well. Let's call this a limitation of Tekton 🥲
| # needed or else you'll see "could not read Username for 'https://gitlab.com':" | ||
| cd $(workspaces.source.path)/source && git config remote.origin.url $(cat "${PARAM_USER_HOME}/.git-credentials") |
There was a problem hiding this comment.
This doesn't seem right, the clone task doesn't need it.
I think this approach may also print credentials in the task logs in some cases (IIUC that's why #861 was needed, unfortunately can't tell anymore from the description)
There was a problem hiding this comment.
And cachi2 might include the credentials in the SBOM, it uses the origin url to construct the purl of packages coming from the source repo
There was a problem hiding this comment.
And cachi2 might include the credentials in the SBOM, it uses the origin url to construct the purl of packages coming from the source repo
There was a problem hiding this comment.
I have altered my approach. please review
- needed for private repos - add ability to turn on cachi2 debug logging fixes KFLUXBUGS-1215 Signed-off-by: Scott Hebert <[email protected]>
Signed-off-by: Scott Hebert <[email protected]>
Signed-off-by: Scott Hebert <[email protected]>
scoheb
force-pushed
the
prefetch-gitauth
branch
from
844c796 to
04a33a5
Compare
|
|
There's no need to do this differently than the clone task. I've tested it and opened #953 |
If that looks reasonable, let's keep only the logging option here |
|
Closed in favour of #953 |
fixes KFLUXBUGS-1215