Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FE]: Support for private key connection #32

Open
damsien opened this issue Dec 13, 2024 · 0 comments
Open

[FE]: Support for private key connection #32

damsien opened this issue Dec 13, 2024 · 0 comments
Labels
feature A feature that is listed in the roadmap

Comments

@damsien
Copy link
Collaborator

damsien commented Dec 13, 2024
edited
Loading

Roadmap 2025/01 Ability to choose the git push error default behavior
As a the DevOps of my team, I want to be able to connect to my git platform using a private ssh key instead of a token.

What to do

1. Add a sshPrivateKey field in the gitUser struct

syngit/internal/controller/webhook_request_checker.go

Lines 22 to 26 in 7f756db

type gitUser struct {
gitUser string
gitEmail string
gitToken string
}

2. Allow kubernetes.io/ssh-auth secret type

When getting the user's secret, check for the Secret type (secret.Type). If it is kubernetes.io/basic-auth, then keep the existing lines (get username & password). If it is kubernetes.io/ssh-auth, then get the ssh-privatekey key from the Secret like describe in the Kubernetes documentation.

syngit/internal/controller/webhook_request_checker.go

Lines 258 to 266 in 7f756db

secret := &corev1.Secret{}
err := wrc.k8sClient.Get(ctx, *secretNamespacedName, secret)
if err == nil {
userGitName = string(secret.Data["username"])
userGitToken = string(secret.Data["password"])
secretCount++
userGitEmail = remoteUser.Spec.Email
}

3. Add the ssh private key to the existing gitUser

syngit/internal/controller/webhook_request_checker.go

Lines 268 to 272 in 7f756db

gitUser := &gitUser{
gitUser: userGitName,
gitEmail: userGitEmail,
gitToken: userGitToken,
}

4. Add a sshPrivateKey field in the GitPusher struct

syngit/internal/controller/git_pusher.go

Lines 25 to 37 in 7f756db

type GitPusher struct {
remoteSyncer syngit.RemoteSyncer
interceptedYAML string
interceptedGVR schema.GroupVersionResource
interceptedName string
branch string
gitUser string
gitEmail string
gitToken string
operation admissionv1.Operation
insecureSkipTlsVerify bool
caBundle string
}

5. Global BasicAuth

Create a http.BasicAuth object that will be used to clone & push. Create a function that build the BasicAuth depending on the the type (basic auth or ssh). Replace the existing ones with the global one.

syngit/internal/controller/git_pusher.go

Lines 52 to 55 in 7f756db

Auth: &http.BasicAuth{
Username: gp.gitUser,
Password: gp.gitToken,
},

syngit/internal/controller/git_pusher.go

Lines 258 to 261 in 7f756db

Auth: &http.BasicAuth{
Username: gp.gitUser,
Password: gp.gitToken,
},

Remove the Name field from the commit signature (because it can not to exist if the type is ssh).

syngit/internal/controller/git_pusher.go

Lines 235 to 239 in 7f756db

Author: &object.Signature{
Name: gp.gitUser,
Email: gp.gitEmail,
When: time.Now(),
},

Additional context

If you have any questions, please tag @damsien.
@damsien damsien added enhancement Request for enhancement good first issue Good for newcomers feature A feature that is listed in the roadmap labels Dec 13, 2024
@damsien damsien changed the title [FE]: Support for ssh connection [FE]: Support for private key connection Dec 23, 2024
@damsien damsien removed good first issue Good for newcomers enhancement Request for enhancement labels Dec 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature A feature that is listed in the roadmap
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@damsien