(repo: RepoWithConnections, logger?: Logger)
| 115 | // may have their own token. This method will just pick the first connection that has a token (if one exists) and uses that. This |
| 116 | // may technically cause syncing to fail if that connection's token just so happens to not have access to the repo it's referencing. |
| 117 | export const getAuthCredentialsForRepo = async (repo: RepoWithConnections, logger?: Logger): Promise<RepoAuthCredentials | undefined> => { |
| 118 | // If we have github apps configured we assume that we must use them for github service auth |
| 119 | if (repo.external_codeHostType === 'github' && await hasEntitlement('github-app') && GithubAppManager.getInstance().appsConfigured()) { |
| 120 | logger?.debug(`Using GitHub App for service auth for repo ${repo.displayName} hosted at ${repo.external_codeHostUrl}`); |
| 121 | |
| 122 | const owner = repo.displayName?.split('/')[0]; |
| 123 | const deploymentHostname = new URL(repo.external_codeHostUrl).hostname; |
| 124 | if (!owner || !deploymentHostname) { |
| 125 | throw new Error(`Failed to fetch GitHub App for repo ${repo.displayName}:Invalid repo displayName (${repo.displayName}) or deployment hostname (${deploymentHostname})`); |
| 126 | } |
| 127 | |
| 128 | const token = await GithubAppManager.getInstance().getInstallationToken(owner, deploymentHostname); |
| 129 | return { |
| 130 | hostUrl: repo.external_codeHostUrl, |
| 131 | token, |
| 132 | cloneUrlWithToken: createGitCloneUrlWithToken( |
| 133 | repo.cloneUrl, |
| 134 | { |
| 135 | username: 'x-access-token', |
| 136 | password: token |
| 137 | } |
| 138 | ), |
| 139 | } |
| 140 | } |
| 141 | |
| 142 | for (const { connection } of repo.connections) { |
| 143 | if (connection.connectionType === 'github') { |
| 144 | const config = connection.config as unknown as GithubConnectionConfig; |
| 145 | if (config.token) { |
| 146 | const token = await getTokenFromConfig(config.token); |
| 147 | return { |
| 148 | hostUrl: config.url, |
| 149 | token, |
| 150 | cloneUrlWithToken: createGitCloneUrlWithToken( |
| 151 | repo.cloneUrl, |
| 152 | { |
| 153 | password: token, |
| 154 | } |
| 155 | ), |
| 156 | connectionConfig: config, |
| 157 | } |
| 158 | } |
| 159 | } else if (connection.connectionType === 'gitlab') { |
| 160 | const config = connection.config as unknown as GitlabConnectionConfig; |
| 161 | if (config.token) { |
| 162 | const token = await getTokenFromConfig(config.token); |
| 163 | return { |
| 164 | hostUrl: config.url, |
| 165 | token, |
| 166 | cloneUrlWithToken: createGitCloneUrlWithToken( |
| 167 | repo.cloneUrl, |
| 168 | { |
| 169 | username: 'oauth2', |
| 170 | password: token |
| 171 | } |
| 172 | ), |
| 173 | connectionConfig: config, |
| 174 | } |
no test coverage detected