Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent git from prompting for credentials #6141

Merged
merged 2 commits into from
Jan 29, 2025
Merged

Prevent git from prompting for credentials #6141

merged 2 commits into from
Jan 29, 2025

Conversation

perlpunk
Copy link
Contributor

@perlpunk perlpunk commented Jan 28, 2025
edited
Loading

There can be situations where git needs credentials and prompts the user,

  • Trying to push to via http
  • Trying to push via ssh but without having a key, or a key with a passphrase
  • Trying to fetch from a private repo via http or ssh

This does not make sense in automated code and results in a hanging process
waitign for input.

We can prevent a prompt by setting the following two variables:

https://git-scm.com/docs/git#Documentation/git.txt-codeGITASKPASScode

GIT_ASKPASS

If this environment variable is set, then Git commands which need to acquire
passwords or passphrases (e.g. for HTTP or IMAP authentication) will call this
program with a suitable prompt as command-line argument and read the password
from its STDOUT. See also the core.askPass option in git-config[1].

https://git-scm.com/docs/git#Documentation/git.txt-codeGITTERMINALPROMPTcode
GIT_TERMINAL_PROMPT

If this Boolean environment variable is set to false, git will not prompt on
the terminal (e.g., when asking for HTTP authentication).

This way we will immediately get an error message.

Issue: https://progress.opensuse.org/issues/174592

In this case the error presented to the user is:

"Unable to push Git commit
(/path/to/needles): remote: Support
for password authentication was removed on August 13, 2021. remote: Please see
https://docs.github.com/get-started/getting-started-with-git/about-remote-repositories#cloning-with-https-urls
for information on currently recommended modes of authentication. fatal:
Authentication failed for
'https://github.com/perlpunk/os-autoinst-needles-openQA/'"

That can be improved in a followup by adding a link to our documentation.

Note: That's for AC3 of the ticket

@perlpunk perlpunk changed the title Prevent git from promptinjg for credentials Prevent git from prompting for credentials Jan 28, 2025
@perlpunk perlpunk force-pushed the git-clone-credentials branch from 37a7f5e to 6c3b6c7 Compare January 28, 2025 21:20
@perlpunk perlpunk mentioned this pull request Jan 28, 2025
Closed
@perlpunk
Prevent git from prompting for credentials
a42198e 
There can be situations where git needs credentials and prompts the user,

* Trying to push to via http
* Trying to push via ssh but without having a key, or a key with a passphrase
* Trying to fetch from a private repo via http or ssh

This does not make sense in automated code and results in a hanging process
waitign for input.

We can prevent a prompt by setting the following two variables:

https://git-scm.com/docs/git#Documentation/git.txt-codeGITASKPASScode

GIT_ASKPASS
If this environment variable is set, then Git commands which need to acquire
passwords or passphrases (e.g. for HTTP or IMAP authentication) will call this
program with a suitable prompt as command-line argument and read the password
from its STDOUT. See also the core.askPass option in git-config[1].

https://git-scm.com/docs/git#Documentation/git.txt-codeGITTERMINALPROMPTcode
GIT_TERMINAL_PROMPT
If this Boolean environment variable is set to false, git will not prompt on
the terminal (e.g., when asking for HTTP authentication).

This way we will immediately get an error message.

Issue: https://progress.opensuse.org/issues/174592

In this case the error presented to the user is:
"Unable to push Git commit
(/path/to/needles): remote: Support
for password authentication was removed on August 13, 2021. remote: Please see
https://docs.github.com/get-started/getting-started-with-git/about-remote-repositories#cloning-with-https-urls
for information on currently recommended modes of authentication. fatal:
Authentication failed for
'https://github.com/perlpunk/os-autoinst-needles-openQA/'"

That can be improved in a followup by adding a link to our documentation.
@perlpunk perlpunk force-pushed the git-clone-credentials branch from 6c3b6c7 to a42198e Compare January 28, 2025 21:40
@codecov Codecov
Copy link

codecov bot commented Jan 28, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 98.99%. Comparing base (b7aa773) to head (a42198e).
Report is 3 commits behind head on master.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #6141   +/-   ##
=======================================
  Coverage   98.99%   98.99%           
=======================================
  Files         396      396           
  Lines       39637    39637           
=======================================
  Hits        39237    39237           
  Misses        400      400

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@perlpunk perlpunk requested a review from b10n1k January 29, 2025 10:08
@mergify mergify bot merged commit 61b2d39 into os-autoinst:master Jan 29, 2025
46 checks passed
@perlpunk perlpunk deleted the git-clone-credentials branch January 29, 2025 12:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@okurz okurz okurz approved these changes

@b10n1k b10n1k b10n1k approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@perlpunk @b10n1k @okurz