-
-
Notifications
You must be signed in to change notification settings - Fork 120
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add support for upstream auth with ENV variables
- Loading branch information
Showing
5 changed files
with
152 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -49,6 +49,10 @@ gem "rubywarrior" | |
source "http://localhost:9292/upstream/#{CGI.escape("https://my.gem-source.local")}" do | ||
gem "my-gem" | ||
end | ||
source "http://localhost:9292/upstream/my-other.gem-source.local" do | ||
gem "my-other-gem" | ||
end | ||
``` | ||
|
||
Notice the `CGI.escape` call in the second source. This is important, as | ||
|
@@ -57,6 +61,54 @@ you want. The `/upstream` prefix tells Gemstash to use a gem source | |
other than the default source. You can now bundle with the additional | ||
source. | ||
|
||
Notice that the third source doesn't need to be escaped. | ||
This is because the `https://` is used by default when no scheme is set, | ||
and the source URL does not contain any chars that need to be escaped. | ||
|
||
## Authentication with Multiple Sources | ||
|
||
You can use basic authentication or API keys on sources directly in Gemfile | ||
or using ENV variables on the Gemstash instance. | ||
|
||
Example `Gemfile`: | ||
```ruby | ||
# ./Gemfile | ||
require "cgi" | ||
source "http://localhost:9292" | ||
source "http://localhost:9292/upstream/#{CGI.escape("user:[email protected]")}" do | ||
gem "my-gem" | ||
end | ||
source "http://localhost:9292/upstream/#{CGI.escape("[email protected]")}" do | ||
gem "my-other-gem" | ||
end | ||
``` | ||
|
||
If you set `GEMSTASH_<HOST>` ENV variable with your authentication information, | ||
you can omit it from the `Gemfile`: | ||
|
||
```ruby | ||
# ./Gemfile | ||
source "http://localhost:9292" | ||
source "http://localhost:9292/upstream/my.gem-source.local" do | ||
gem "my-gem" | ||
end | ||
``` | ||
|
||
And run the Gemstash with the credentials set in an ENV variable: | ||
|
||
```bash | ||
GEMSTASH_MY__GEM___SOURCE__LOCAL=user:password gemstash start --no-daemonize --config-file config.yml.erb | ||
``` | ||
|
||
The name of the ENV variable is the uppercase version of the host name, | ||
with all `.` characters replaced with `__`, all `-` with `___` and a `GEMSTASH_` prefix | ||
(it uses the same syntax as [Bundler](https://bundler.io/v2.4/man/bundle-config.1.html#CREDENTIALS-FOR-GEM-SOURCES)). | ||
|
||
Example: `my.gem-source.local` => `GEMSTASH_MY__GEM___SOURCE__LOCAL` | ||
|
||
## Redirecting | ||
|
||
Gemstash supports an alternate mode of specifying your gem sources. If | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -23,6 +23,16 @@ | |
expect(upstream_uri.password).to be_nil | ||
end | ||
|
||
it "uses HTTPS schema by default" do | ||
upstream_uri = Gemstash::Upstream.new("rubygems.org") | ||
expect(upstream_uri.to_s).to eq("https://rubygems.org") | ||
expect(upstream_uri.host).to eq("rubygems.org") | ||
expect(upstream_uri.scheme).to eq("https") | ||
expect(upstream_uri.url("gems")).to eq("https://rubygems.org/gems") | ||
expect(upstream_uri.user).to be_nil | ||
expect(upstream_uri.password).to be_nil | ||
end | ||
|
||
it "supports user:pass url auth in the uri" do | ||
upstream_uri = Gemstash::Upstream.new("https://myuser:[email protected]/") | ||
expect(upstream_uri.user).to eq("myuser") | ||
|
@@ -55,19 +65,43 @@ | |
expect(upstream_uri.url("gems", "key=value")).to eq("https://rubygems.org/gems?key=value") | ||
end | ||
|
||
it "fails if the uri is not valid" do | ||
expect { Gemstash::Upstream.new("something_that_is_not_an_uri") }.to raise_error( | ||
/URL 'something_that_is_not_an_uri' is not valid/ | ||
) | ||
end | ||
|
||
it "has a nil user agent if not provided" do | ||
expect(Gemstash::Upstream.new("https://rubygems.org/").user_agent).to be_nil | ||
end | ||
|
||
it "supports getting user agent" do | ||
expect(Gemstash::Upstream.new("https://rubygems.org/", | ||
user_agent: "my_user_agent").user_agent).to eq("my_user_agent") | ||
user_agent: "my_user_agent").user_agent).to eq("my_user_agent") | ||
end | ||
|
||
context "with ENV variables for upstream authentication" do | ||
context "with user and password" do | ||
before do | ||
allow(ENV).to receive(:[]).and_call_original | ||
allow(ENV).to receive(:[]).with("GEMSTASH_RUBYGEMS__ORG").and_return("myuser:mypassword") | ||
end | ||
|
||
it "users user:pass for auth" do | ||
upstream_uri = Gemstash::Upstream.new("https://rubygems.org/") | ||
expect(upstream_uri.user).to eq("myuser") | ||
expect(upstream_uri.password).to eq("mypassword") | ||
expect(upstream_uri.auth?).to be_truthy | ||
end | ||
end | ||
|
||
context "with api key" do | ||
before do | ||
allow(ENV).to receive(:[]).and_call_original | ||
allow(ENV).to receive(:[]).with("GEMSTASH_RUBYGEMS__ORG").and_return("api_key") | ||
end | ||
|
||
it "uses api_key for auth" do | ||
upstream_uri = Gemstash::Upstream.new("https://rubygems.org/") | ||
expect(upstream_uri.user).to eq("api_key") | ||
expect(upstream_uri.password).to be_nil | ||
expect(upstream_uri.auth?).to be_truthy | ||
end | ||
end | ||
end | ||
|
||
describe ".url" do | ||
|