Skip to content

Commit

Permalink
CR-15471-insecure-git-providers (#640)
Browse files Browse the repository at this point in the history
* send certFile to autopilot + git api calls
* updated autopilot dependency
removed applicationset dependency (it's inside argocd)
* increase lint timeout to 10m
  • Loading branch information
ATGardner authored Nov 20, 2022
1 parent 22311fd commit 64ee1a3
Show file tree
Hide file tree
Showing 14 changed files with 224 additions and 194 deletions.
4 changes: 2 additions & 2 deletions Makefile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
VERSION=v0.1.8
VERSION=v0.1.9

OUT_DIR=dist
YEAR?=$(shell date +"%Y")
Expand Down Expand Up @@ -122,7 +122,7 @@ $(OUT_DIR)/$(CLI_NAME).image: $(CLI_SRCS)
.PHONY: lint
lint: $(GOBIN)/golangci-lint tidy
@echo linting go code...
@golangci-lint run --fix --timeout 6m
@golangci-lint run --fix --timeout 10m

.PHONY: test
test:
Expand Down
2 changes: 1 addition & 1 deletion cmd/commands/git-source.go
Original file line number Diff line number Diff line change
Expand Up @@ -200,7 +200,7 @@ func NewGitSourceCreateCommand() *cobra.Command {
insCloneOpts.Parse()
gsCloneOpts.Parse()

gitProvider, err = cfgit.GetProvider(cfgit.ProviderType(gsCloneOpts.Provider), gsCloneOpts.Repo)
gitProvider, err = cfgit.GetProvider(cfgit.ProviderType(gsCloneOpts.Provider), gsCloneOpts.Repo, gsCloneOpts.Auth.CertFile)
if err != nil {
log.G(ctx).Fatal("failed to infer git provider for git-source")
}
Expand Down
5 changes: 2 additions & 3 deletions cmd/commands/runtime.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,6 @@ import (
apgit "github.com/argoproj-labs/argocd-autopilot/pkg/git"
"github.com/argoproj-labs/argocd-autopilot/pkg/kube"
apstore "github.com/argoproj-labs/argocd-autopilot/pkg/store"
appset "github.com/argoproj/applicationset/api/v1alpha1"
argocdv1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
argocdv1alpha1cs "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned"
platmodel "github.com/codefresh-io/go-sdk/pkg/codefresh/model"
Expand Down Expand Up @@ -1063,9 +1062,9 @@ func downloadFile(response *http.Response, fullFilename string) error {
return err
}

var getProjectInfoFromFile = func(repofs fs.FS, name string) (*argocdv1alpha1.AppProject, *appset.ApplicationSet, error) {
var getProjectInfoFromFile = func(repofs fs.FS, name string) (*argocdv1alpha1.AppProject, *argocdv1alpha1.ApplicationSet, error) {
proj := &argocdv1alpha1.AppProject{}
appSet := &appset.ApplicationSet{}
appSet := &argocdv1alpha1.ApplicationSet{}
if err := repofs.ReadYamls(name, proj, appSet); err != nil {
return nil, nil, err
}
Expand Down
19 changes: 9 additions & 10 deletions cmd/commands/runtime_install.go
Original file line number Diff line number Diff line change
Expand Up @@ -51,8 +51,7 @@ import (
"github.com/argoproj-labs/argocd-autopilot/pkg/kube"
apstore "github.com/argoproj-labs/argocd-autopilot/pkg/store"
aputil "github.com/argoproj-labs/argocd-autopilot/pkg/util"
appset "github.com/argoproj/applicationset/api/v1alpha1"
argocd "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
argocdv1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
aev1alpha1 "github.com/argoproj/argo-events/pkg/apis/eventsource/v1alpha1"
"github.com/codefresh-io/go-sdk/pkg/codefresh"
platmodel "github.com/codefresh-io/go-sdk/pkg/codefresh/model"
Expand Down Expand Up @@ -410,7 +409,7 @@ func ensureGitData(cmd *cobra.Command, opts *RuntimeInstallOptions) error {
}

baseURL, _, _, _, _, _, _ := aputil.ParseGitUrl(opts.InsCloneOpts.Repo)
opts.gitProvider, err = cfgit.GetProvider(cfgit.ProviderType(opts.InsCloneOpts.Provider), baseURL)
opts.gitProvider, err = cfgit.GetProvider(cfgit.ProviderType(opts.InsCloneOpts.Provider), baseURL, opts.InsCloneOpts.Auth.CertFile)
if err != nil {
return err
}
Expand Down Expand Up @@ -1740,21 +1739,21 @@ func updateProject(repofs fs.FS, rt *runtime.Runtime) error {
// adding another gitGenerator to the project's ApplicationSet
// to support helm applications without adding the support in autopilot (TBD)
kustGenerator := appSet.Spec.Generators[0].Git
appSet.Spec.Generators = append(appSet.Spec.Generators, appset.ApplicationSetGenerator{
Git: &appset.GitGenerator{
Files: []appset.GitFileGeneratorItem{
appSet.Spec.Generators = append(appSet.Spec.Generators, argocdv1alpha1.ApplicationSetGenerator{
Git: &argocdv1alpha1.GitGenerator{
Files: []argocdv1alpha1.GitFileGeneratorItem{
{
Path: strings.Replace(kustGenerator.Files[0].Path, "config.json", "config_helm.json", 1),
},
},
RepoURL: kustGenerator.RepoURL,
RequeueAfterSeconds: kustGenerator.RequeueAfterSeconds,
Revision: kustGenerator.Revision,
Template: appset.ApplicationSetTemplate{
Spec: argocd.ApplicationSpec{
Source: argocd.ApplicationSource{
Template: argocdv1alpha1.ApplicationSetTemplate{
Spec: argocdv1alpha1.ApplicationSpec{
Source: argocdv1alpha1.ApplicationSource{
Chart: "{{ srcChart }}",
Helm: &argocd.ApplicationSourceHelm{
Helm: &argocdv1alpha1.ApplicationSourceHelm{
ReleaseName: fmt.Sprintf("%s-{{ appName }}", rt.Name),
Values: "{{ values }}",
},
Expand Down
24 changes: 13 additions & 11 deletions docs/commands/cli-v2_git-source_create.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,17 +17,19 @@ cli-v2 git-source create RUNTIME_NAME GITSOURCE_NAME [flags]
### Options

```
--create-repo If true, will create the specified git-source repo in case it doesn't already exist
--exclude string files to exclude. can be either filenames or a glob
--git-src-git-token string Your git provider api token [GIT_SRC_GIT_TOKEN]
--git-src-git-user string Your git provider user name [GIT_SRC_GIT_USER] (not required in GitHub)
--git-src-repo string Repository URL [GIT_SRC_GIT_REPO]
-t, --git-token string Your git provider api token [GIT_TOKEN]
-u, --git-user string Your git provider user name [GIT_USER] (not required in GitHub)
-h, --help help for create
--include string files to include. can be either filenames or a glob
--repo string Repository URL [GIT_REPO]
-b, --upsert-branch If true will try to checkout the specified branch and create it if it doesn't exist
--create-repo If true, will create the specified git-source repo in case it doesn't already exist
--exclude string files to exclude. can be either filenames or a glob
--git-server-crt string Git Server certificate file
--git-src-git-server-crt string Git Server certificate fileGIT_SRC_
--git-src-git-token string Your git provider api token [GIT_SRC_GIT_TOKEN]
--git-src-git-user string Your git provider user name [GIT_SRC_GIT_USER] (not required in GitHub)
--git-src-repo string Repository URL [GIT_SRC_GIT_REPO]
-t, --git-token string Your git provider api token [GIT_TOKEN]
-u, --git-user string Your git provider user name [GIT_USER] (not required in GitHub)
-h, --help help for create
--include string files to include. can be either filenames or a glob
--repo string Repository URL [GIT_REPO]
-b, --upsert-branch If true will try to checkout the specified branch and create it if it doesn't exist
```

### Options inherited from parent commands
Expand Down
11 changes: 6 additions & 5 deletions docs/commands/cli-v2_git-source_delete.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,12 @@ cli-v2 git-source delete RUNTIME_NAME GITSOURCE_NAME [flags]
### Options

```
-t, --git-token string Your git provider api token [GIT_TOKEN]
-u, --git-user string Your git provider user name [GIT_USER] (not required in GitHub)
-h, --help help for delete
--repo string Repository URL [GIT_REPO]
-b, --upsert-branch If true will try to checkout the specified branch and create it if it doesn't exist
--git-server-crt string Git Server certificate file
-t, --git-token string Your git provider api token [GIT_TOKEN]
-u, --git-user string Your git provider user name [GIT_USER] (not required in GitHub)
-h, --help help for delete
--repo string Repository URL [GIT_REPO]
-b, --upsert-branch If true will try to checkout the specified branch and create it if it doesn't exist
```

### Options inherited from parent commands
Expand Down
26 changes: 14 additions & 12 deletions docs/commands/cli-v2_git-source_edit.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,18 +17,20 @@ cli-v2 git-source edit RUNTIME_NAME GITSOURCE_NAME [flags]
### Options

```
--exclude string files to exclude. can be either filenames or a glob
--git-src-git-token string Your git provider api token [GIT_SRC_GIT_TOKEN]
--git-src-git-user string Your git provider user name [GIT_SRC_GIT_USER] (not required in GitHub)
--git-src-provider string The git provider, one of: azure|bitbucket|bitbucket-server|gitea|github|gitlab
--git-src-repo string Repository URL [GIT_SRC_GIT_REPO]
-t, --git-token string Your git provider api token [GIT_TOKEN]
-u, --git-user string Your git provider user name [GIT_USER] (not required in GitHub)
-h, --help help for edit
--include string files to include. can be either filenames or a glob
--provider string The git provider, one of: azure|bitbucket|bitbucket-server|gitea|github|gitlab
--repo string Repository URL [GIT_REPO]
-b, --upsert-branch If true will try to checkout the specified branch and create it if it doesn't exist
--exclude string files to exclude. can be either filenames or a glob
--git-server-crt string Git Server certificate file
--git-src-git-server-crt string Git Server certificate fileGIT_SRC_
--git-src-git-token string Your git provider api token [GIT_SRC_GIT_TOKEN]
--git-src-git-user string Your git provider user name [GIT_SRC_GIT_USER] (not required in GitHub)
--git-src-provider string The git provider, one of: azure|bitbucket|bitbucket-server|gitea|github|gitlab
--git-src-repo string Repository URL [GIT_SRC_GIT_REPO]
-t, --git-token string Your git provider api token [GIT_TOKEN]
-u, --git-user string Your git provider user name [GIT_USER] (not required in GitHub)
-h, --help help for edit
--include string files to include. can be either filenames or a glob
--provider string The git provider, one of: azure|bitbucket|bitbucket-server|gitea|github|gitlab
--repo string Repository URL [GIT_REPO]
-b, --upsert-branch If true will try to checkout the specified branch and create it if it doesn't exist
```

### Options inherited from parent commands
Expand Down
1 change: 1 addition & 0 deletions docs/commands/cli-v2_runtime_install.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ cli-v2 runtime install [runtime_name] [flags]
--from-repo Installs a runtime from an existing repo. Used for recovery after cluster failure
--gateway-name string The gateway name
--gateway-namespace string The namespace of the gateway
--git-server-crt string Git Server certificate file
-t, --git-token string Your git provider api token [GIT_TOKEN]
-u, --git-user string Your git provider user name [GIT_USER] (not required in GitHub)
-h, --help help for install
Expand Down
1 change: 1 addition & 0 deletions docs/commands/cli-v2_runtime_uninstall.md
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ cli-v2 runtime uninstall [RUNTIME_NAME] [flags]
--disable-telemetry If true, will disable the analytics reporting for the uninstall process
--fast-exit If true, will not wait for deletion of cluster resources. This means that full resource deletion will not be verified
--force If true, will guarantee the runtime is removed from the platform, even in case of errors while cleaning the repo and the cluster
--git-server-crt string Git Server certificate file
-t, --git-token string Your git provider api token [GIT_TOKEN]
-u, --git-user string Your git provider user name [GIT_USER] (not required in GitHub)
-h, --help help for uninstall
Expand Down
1 change: 1 addition & 0 deletions docs/commands/cli-v2_runtime_upgrade.md
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ cli-v2 runtime upgrade [RUNTIME_NAME] [flags]

```
--disable-telemetry If true, will disable analytics reporting for the upgrade process
--git-server-crt string Git Server certificate file
-t, --git-token string Your git provider api token [GIT_TOKEN]
-u, --git-user string Your git provider user name [GIT_USER] (not required in GitHub)
-h, --help help for upgrade
Expand Down
4 changes: 2 additions & 2 deletions docs/releases/release_notes.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ cf version

```bash
# download and extract the binary
curl -L --output - https://github.com/codefresh-io/cli-v2/releases/download/v0.1.8/cf-linux-amd64.tar.gz | tar zx
curl -L --output - https://github.com/codefresh-io/cli-v2/releases/download/v0.1.9/cf-linux-amd64.tar.gz | tar zx

# move the binary to your $PATH
mv ./cf-linux-amd64 /usr/local/bin/cf
Expand All @@ -36,7 +36,7 @@ cf version

```bash
# download and extract the binary
curl -L --output - https://github.com/codefresh-io/cli-v2/releases/download/v0.1.8/cf-darwin-amd64.tar.gz | tar zx
curl -L --output - https://github.com/codefresh-io/cli-v2/releases/download/v0.1.9/cf-darwin-amd64.tar.gz | tar zx

# move the binary to your $PATH
mv ./cf-darwin-amd64 /usr/local/bin/cf
Expand Down
Loading

0 comments on commit 64ee1a3

Please sign in to comment.