make, scripts: Don't unconditionally clone with proactiveAuth=basic

Don't unconditionally add proactiveAuth=basic to Git's config during
clone, but only if cloning happens after authentication.

This saves unauthenticated users funny password prompts. On the other
hand, this makes a server setting persistent which could be changed
on the server.

  URL =~ /api/  (or so) => 401, followed by Basic Auth
  URL !=~ /api/ (or so) => Redirect or free access, depending on resource

Currently all resources, including API, are accessible by either
basic auth or a Cookie, but basic auth needs to be present in the
first request, which throws off some clients (notably Git without
proactiveAuth=basic).

Signed-off-by: Jan Lindemann <jan@janware.com>
Jan Lindemann 2025-11-20 17:32:04 +01:00
commit 9283479489
2 changed files with 16 additions and 5 deletions


@ -47,6 +47,8 @@ endif
ifneq ($(JANWARE_USER),) ifneq ($(JANWARE_USER),)
CLONE_FROM_USER ?= $(JANWARE_USER) CLONE_FROM_USER ?= $(JANWARE_USER)
GIT_GLOBAL_OPTS += -c https.proactiveAuth=basic
export GIT_GLOBAL_OPTS
else else
CLONE_FROM_USER ?= janware CLONE_FROM_USER ?= janware
endif endif
@ -61,8 +63,10 @@ include $(PROJECTS_DIR_INCLUDE_MK)
$(PROJECTS_DIR_INCLUDE_MK): | $(JWBDIR) $(PROJECTS_DIR_INCLUDE_MK): | $(JWBDIR)
$(JWBDIR): $(JWBDIR):
git -c http.proactiveAuth=basic clone $(addprefix -b ,$(JW_BUILD_BRANCH)) $(JWBDIR_GIT_REMOTE) $(JWBDIR) git $(GIT_GLOBAL_OPTS) clone $(addprefix -b ,$(JW_BUILD_BRANCH)) $(JWBDIR_GIT_REMOTE) $(JWBDIR)
ifneq ($(findstring proactiveAuth,$(GIT_GLOBAL_OPTS)),)
git -C $(JWBDIR) config set http.proactiveAuth basic git -C $(JWBDIR) config set http.proactiveAuth basic
endif
make $(MAKECMDGOALS) make $(MAKECMDGOALS)
all: link-makefile.done all: link-makefile.done
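Review bot: The option added in `GIT_GLOBAL_OPTS += -c https.proactiveAuth=basic` uses the section `https`, while the removed clone line and the `config set` in the `$(JWBDIR)` recipe both use `http.proactiveAuth`. Git reads its `http.*` keys for HTTPS remotes too, so the `https.` spelling is most likely ignored and the authenticated clone runs without proactive auth. The `findstring proactiveAuth` test still matches, so `basic` is persisted into the clone's config even though the clone did not use it, and the exported value presumably reaches the script's `run_clone` with the same spelling. The line should read `GIT_GLOBAL_OPTS += -c http.proactiveAuth=basic`. Because this option sends Basic credentials on the very first request, it is also worth confirming that `$(JWBDIR_GIT_REMOTE)` is always an https:// URL.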


@ -91,6 +91,15 @@ commit()
clone() clone()
{( {(
run_clone() {
local url="$1"
local p="$2"
run_git $GIT_GLOBAL_OPTS clone "$url" "$p"
if [[ "$GIT_GLOBAL_OPTS" =~ proactiveAuth ]]; then
run_git -C $p config set http.proactiveAuth basic
fi
}
local p local p
config config
cd $pdir cd $pdir
@ -145,8 +154,7 @@ clone()
if [ -d $p ]; then if [ -d $p ]; then
run_git -C $p pull --recurse-submodules=on-demand run_git -C $p pull --recurse-submodules=on-demand
else else
run_git -c http.proactiveAuth=basic clone $remote_base/$fromuser$remote_subpath/$p run_clone $remote_base/$fromuser$remote_subpath/$p $p
run_git -C $p config set http.proactiveAuth basic
fi fi
else else
local remotename="jw-$fromuser" local remotename="jw-$fromuser"
@ -166,8 +174,7 @@ clone()
fi fi
else else
# set -x # set -x
run_git -c http.proactiveAuth=basic clone $remote_base/$fromuser$remote_subpath/$p run_clone $remote_base/$fromuser$remote_subpath/$p $p
run_git -C $p config set http.proactiveAuth basic
run_git -C $p remote rename origin $remotename || fatal failed to rename remote in $p run_git -C $p remote rename origin $remotename || fatal failed to rename remote in $p
run_git -C $p remote set-url --push $remotename no_push run_git -C $p remote set-url --push $remotename no_push
if [ $create_remote_user_repos = true ]; then if [ $create_remote_user_repos = true ]; then
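Review bot: In `run_clone` the test `[[ "$GIT_GLOBAL_OPTS" =~ proactiveAuth ]]` matches any mention of the key, so an environment carrying `-c http.proactiveAuth=none`, or a misspelled section name, still gets `basic` written into the new clone's config. Matching the full option, e.g. `[[ "$GIT_GLOBAL_OPTS" == *http.proactiveAuth=basic* ]]`, keeps the persisted value in line with what the clone used. The following line passes `$p` unquoted although the clone above quotes it; `run_git -C "$p" config set http.proactiveAuth basic` would be consistent. The persisted setting applies to every HTTP remote later configured in that repository, so a URL-scoped key of the form `http.<url>.proactiveAuth` may be worth considering to confine preemptive Basic credentials to the intended server. The body of `clone()` continues outside these hunks.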