Fixes regression accessing GitLab public repositories

Some git servers are more accommodating than others. Gitlab will try to
validate credentials when they are provided, even if they are empty and
the target repository is public, leading to a failed authentication error.

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>

pkg/git/gogit/transport.go

@@ -36,10 +36,15 @@ func transportAuth(opts *git.AuthOptions) (transport.AuthMethod, error) {
 	}
 	switch opts.Transport {
 	case git.HTTPS, git.HTTP:
-		return &http.BasicAuth{
-			Username: opts.Username,
-			Password: opts.Password,
-		}, nil
+		// Some providers (i.e. GitLab) will reject empty credentials for
+		// public repositories.
+		if opts.Username != "" || opts.Password != "" {
+			return &http.BasicAuth{
+				Username: opts.Username,
+				Password: opts.Password,
+			}, nil
+		}
+		return nil, nil
 	case git.SSH:
 		if len(opts.Identity) > 0 {
 			pk, err := ssh.NewPublicKeys(opts.Username, opts.Identity, opts.Password)

pkg/git/gogit/transport_test.go

@@ -74,6 +74,24 @@ func Test_transportAuth(t *testing.T) {
 		wantFunc func(g *WithT, t transport.AuthMethod, opts *git.AuthOptions)
 		wantErr  error
 	}{
+		{
+			name: "Public HTTP Repositories",
+			opts: &git.AuthOptions{
+				Transport: git.HTTP,
+			},
+			wantFunc: func(g *WithT, t transport.AuthMethod, opts *git.AuthOptions) {
+				g.Expect(t).To(BeNil())
+			},
+		},
+		{
+			name: "Public HTTPS Repositories",
+			opts: &git.AuthOptions{
+				Transport: git.HTTP,
+			},
+			wantFunc: func(g *WithT, t transport.AuthMethod, opts *git.AuthOptions) {
+				g.Expect(t).To(BeNil())
+			},
+		},
 		{
 			name: "HTTP basic auth",
 			opts: &git.AuthOptions{