feat: Allow reading an access token

This commit is contained in:
PapaTutuWawa 2024-02-04 13:26:48 +01:00
parent 3747f02ed8
commit 48b6585eba
3 changed files with 44 additions and 3 deletions

View File

@ -147,6 +147,7 @@ func runServer(ctx *cli.Context) error {
defaultCsp := ctx.String("default-csp") defaultCsp := ctx.String("default-csp")
lokiUrl := ctx.String("loki-url") lokiUrl := ctx.String("loki-url")
metricsBotList := ctx.String("metrics-bot-list") metricsBotList := ctx.String("metrics-bot-list")
tokenFile := ctx.String("token-file")
// Init Logging // Init Logging
if ctx.Bool("debug") { if ctx.Bool("debug") {
@ -177,18 +178,28 @@ func runServer(ctx *cli.Context) error {
} }
} }
// If specified, read in an access token
token := ""
if tokenFile != "" {
t, err := readSecret(tokenFile)
if err != nil {
log.Warnf("Failed to read secret: %v", err)
}
token = t
}
// Setup the Gitea stuff // Setup the Gitea stuff
httpClient := http.Client{Timeout: 10 * time.Second} httpClient := http.Client{Timeout: 10 * time.Second}
giteaApiClient, err := gitea.NewClient( giteaApiClient, err := gitea.NewClient(
giteaUrl, giteaUrl,
gitea.SetHTTPClient(&httpClient), gitea.SetHTTPClient(&httpClient),
gitea.SetToken(""), gitea.SetToken(token),
gitea.SetUserAgent("rio"), gitea.SetUserAgent("rio"),
) )
if err != nil { if err != nil {
return err return err
} }
giteaClient := riogitea.NewGiteaClient(giteaUrl, giteaApiClient) giteaClient := riogitea.NewGiteaClient(giteaUrl, token, giteaApiClient)
// Listen on the port // Listen on the port
addr := ctx.String("listen-host") + ":" + ctx.String("listen-port") addr := ctx.String("listen-host") + ":" + ctx.String("listen-port")
@ -414,6 +425,12 @@ func main() {
Value: "", Value: "",
EnvVars: []string{"METRICS_BOT_LIST"}, EnvVars: []string{"METRICS_BOT_LIST"},
}, },
&cli.StringFlag{
Name: "token-file",
Usage: "File containing a access token. Required for serving private repositories",
Value: "",
EnvVars: []string{"TOKEN_FILE"},
},
}, },
} }

16
cmd/rio/utils.go Normal file
View File

@ -0,0 +1,16 @@
package main
import (
"os"
"strings"
)
// Read a secret file and return its (cleaned) content.
func readSecret(path string) (string, error) {
content, err := os.ReadFile(path)
if err != nil {
return "", err
}
return strings.Trim(string(content), "\n\r "), nil
}

View File

@ -38,6 +38,8 @@ type Repository struct {
} }
type GiteaClient struct { type GiteaClient struct {
Token string
GetRepository GetRepositoryMethod GetRepository GetRepositoryMethod
HasBranch HasBranchMethod HasBranch HasBranchMethod
HasUser HasUserMethod HasUser HasUserMethod
@ -46,8 +48,9 @@ type GiteaClient struct {
LookupRepoTXT LookupRepoTXTMethod LookupRepoTXT LookupRepoTXTMethod
} }
func NewGiteaClient(giteaUrl string, giteaClient *gitea.Client) GiteaClient { func NewGiteaClient(giteaUrl string, token string, giteaClient *gitea.Client) GiteaClient {
return GiteaClient{ return GiteaClient{
Token: token,
GetRepository: func(username, repositoryName string) (Repository, error) { GetRepository: func(username, repositoryName string) (Repository, error) {
repo, _, err := giteaClient.GetRepo(username, repositoryName) repo, _, err := giteaClient.GetRepo(username, repositoryName)
if err != nil { if err != nil {
@ -91,6 +94,11 @@ func NewGiteaClient(giteaUrl string, giteaClient *gitea.Client) GiteaClient {
if since != nil { if since != nil {
sinceFormat := since.Format(time.RFC1123) sinceFormat := since.Format(time.RFC1123)
req.Header.Add("If-Modified-Since", sinceFormat) req.Header.Add("If-Modified-Since", sinceFormat)
// Add authentication, if we have a token
if token != "" {
req.Header.Add("Authorization", "token "+token)
}
} }
resp, err := client.Do(req) resp, err := client.Do(req)
if err != nil { if err != nil {