1) Was calling Wait() on the child process, but also calling Wait4,
which would race, causing an occasional error or panic.
2) In testing (1), I observed occasional hangs. Tracing it down to a
SIGWINCH, which masked a SIGCHLD, causing it to hang. Both seem fixed.
Added a manual test script.
username/password case.
For cache to store change:
* By default, cache only last 900 seconds, gitsync will break after
that. See https://git-scm.com/docs/git-credential-cache.
* The test won't work with cache since the test don't have access to
the default unix socket location; XDG_CACHE_HOME override also can
pre-create a socket in advance.
* `store` put the credential into a file, much easier to debug than cache.
* Considering anyone have access to the pod already able to get the
credential via environment variables or yaml configs, so put it in
file won't make it less secure.
For the new password test:
1. askpass_git.sh provided to simulate a git with password challenge.
2. Need and only need to similate "clone" action, need to bypass other
actions like config/credential setup.
3. See `credential fill` is the official git action to ask password,
see https://git-scm.com/docs/git-credential.
This change resolved issue #196.
It specifies a HTTP URL which will return username&password which will
be used to authenticate access to the git repo.
This is mainly used for git repo accecpt dynamic password (for example
oauth bare token). Because the dynamic password might expire very soon,
so it's added to the main syncRepo loop.
Typical usage case is work with a sidecar called gce-node-auth on GKE,
it uses the GCE service account's oauth token as password to access
Cloud Source Repo.
Please see the repo below for how it worked.
https://github.com/cydu-cloud/gce-node-auth/blob/master/git-sync-with-gce-node-auth.yaml
Tim Hockin