kubernetes
/
git-sync
mirror of https://github.com/kubernetes/git-sync.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
301 Commits 5 Branches 57 Tags 19 MiB
Commit Graph

301 Commits

Author SHA1 Message Date
Tim Hockin 8f87fd8397 Fix multi-arch build support 
Buildx seems to do what we need.
 2020-09-04 23:01:45 -07:00
Tim Hockin 7b25906ff7 Build updates 
Move to go 1.14

Explicitly apt-get update when building
 2020-05-01 14:22:06 -07:00
Kubernetes Prow Robot e001cde4ac
Merge pull request #237 from thockin/pid1-and-stdout-stderr 
Split stdout and stderr in runCommand.  Bugs in pid1.
 2020-03-21 22:20:47 -07:00
Tim Hockin 82cd91958b Split stdout/stderr in runCommand() 
Sometimes git emits things on stderr that are not errors but not part of
the programmatic output either.  Don't combine the output.
 2020-03-20 13:44:33 -07:00
Tim Hockin 95a1690e6f Fix 2 bugs in pid1 
1) Was calling Wait() on the child process, but also calling Wait4,
which would race, causing an occasional error or panic.

2) In testing (1), I observed occasional hangs.  Tracing it down to a
SIGWINCH, which masked a SIGCHLD, causing it to hang.  Both seem fixed.

Added a manual test script.
 2020-03-20 13:44:27 -07:00
Kubernetes Prow Robot 8015d4b24e
Merge pull request #239 from Rested/master 
Fixes handling of invalid urls in webhooks
 2020-03-19 08:25:23 -07:00
Reuben Thomas-Davis 4a75452461 avoid accessing Request in webhook.go until possible error due to invalid url has been handled 2020-03-16 19:49:59 +00:00
Kubernetes Prow Robot f4fd49cfc7
Merge pull request #232 from jimangel/env-vars 
added table for env vars
 2020-02-10 15:07:53 -08:00
Jim Angel 55b3e5e6ef added table for env vars 2020-02-10 16:09:47 -06:00
Kubernetes Prow Robot ad2444ac5d
Merge pull request #231 from marcomicera/fix_docker_image_tag_ssh_doc 
Fixed Docker image tag in SSH documentation page
 2020-02-03 09:01:21 -08:00
Marco Micera 4857717d30
Fixed Docker image tag in SSH documentation page 2020-02-03 00:24:31 +01:00
Kubernetes Prow Robot e7679fe25c
Merge pull request #230 from thockin/debian-buster 
Bump to debian-base 2.0.0 (buster)
 2020-01-31 09:26:21 -08:00
Tim Hockin ef8f5cf703 Bump to debian-base 2.0.0 (buster) 
This changed `git fetch` to require a `-f` the way we use it.

Also fix a flaky test case for SSH.
 2020-01-31 09:20:54 -08:00
Kubernetes Prow Robot 629c8d2464
Merge pull request #224 from thockin/meaningful-healthcheck 
Make health check meaningful
 2020-01-10 04:44:34 -08:00
Tim Hockin 72deefcec3 Make health check meaningful 2020-01-09 17:20:11 -08:00
Kubernetes Prow Robot 2eb8bf26f2
Merge pull request #223 from dmarkey/patch-1 
Update deployment to use new version which is multi-arch
 2020-01-07 14:29:21 -08:00
David Markey 5fc3bd798c
Update deployment to use new version which is multi-arch 
So it can run on a Raspberry Pi
 2020-01-07 22:21:00 +00:00
Kubernetes Prow Robot 705be50aa0
Merge pull request #218 from thockin/e2e_ssh 
Support ssh as arbitrary users, add e2e for SSH
 2020-01-07 08:30:19 -08:00
Tim Hockin 083c189924 Fix SSH docs permissions 2020-01-07 08:25:36 -08:00
Tim Hockin 1a1dd1cbe0 e2e: Add test for SSH 
This requires having a docker image for git-over-ssh.
 2020-01-07 08:25:36 -08:00
Tim Hockin 5154ace66d Add --add-user to write UID/GID to passwd 2020-01-03 16:16:15 -08:00
Tim Hockin fbdeead461 e2e: quote variables 2019-12-30 15:32:52 -08:00
Tim Hockin 9303c920d7 e2e: Use docker labels for cleanup 2019-12-30 15:32:52 -08:00
Tim Hockin a6cce7b757 e2e: move code around 2019-12-30 15:32:52 -08:00
Tim Hockin b56ea3796a e2e: reinit repo for each testcase 2019-12-30 15:32:52 -08:00
Tim Hockin ece56840f8 Fix askpass tests 2019-12-30 15:32:52 -08:00
Kubernetes Prow Robot 0e422616a4
Merge pull request #219 from cydu-cloud/askpass 
Verify both username and password in the askpass_git test.
 2019-12-19 17:03:33 -08:00
Chuanying Du 5c70f02656 Verify both username and password in the askpass_git test. 2019-12-19 16:48:23 -08:00
Kubernetes Prow Robot d8928aae96
Merge pull request #216 from cydu-cloud/master 
Support GIT_ASKPASS_URL callback
 2019-12-19 16:33:34 -08:00
Chuanying Du 0851cc5916 use free port 2019-12-19 16:26:46 -08:00
Chuanying Du 0b0f0a62d5 use random port for nc 2019-12-18 22:30:42 -08:00
Chuanying 27864c32cd
Merge branch 'master' into master 2019-12-18 22:11:57 -08:00
Kubernetes Prow Robot 59119978f1
Merge pull request #217 from cydu-cloud/passwordtest 
Change git credential from cache to store and also add test for username/password case
 2019-12-18 22:01:56 -08:00
Chuanying Du d8d9ff72b8 add e2e test for askpasswd_url 2019-12-18 21:07:01 -08:00
Chuanying Du b0bdc02e8b manually merge https://github.com/kubernetes/git-sync/pull/217 2019-12-18 20:05:51 -08:00
Chuanying Du 66244108ed fix tests 2019-12-18 17:57:28 -08:00
Chuanying Du d58a241648 add comments; use --one-time for testing 2019-12-18 17:13:37 -08:00
Chuanying Du 31f276dd58 fix comments 2019-12-18 10:59:20 -08:00
Chuanying Du c57553a2eb fix docs 2019-12-18 10:52:02 -08:00
Chuanying Du ac70751767 Change git credential from cache to store and also add test for 
username/password case.

For cache to store change:
* By default, cache only last 900 seconds, gitsync will break after
  that. See https://git-scm.com/docs/git-credential-cache.
* The test won't work with cache since the test don't have access to
  the default unix socket location; XDG_CACHE_HOME override also can
  pre-create a socket in advance.
* `store` put the credential into a file, much easier to debug than cache.
* Considering anyone have access to the pod already able to get the
  credential via environment variables or yaml configs, so put it in
  file won't make it less secure.

For the new password test:
1. askpass_git.sh provided to simulate a git with password challenge.
2. Need and only need to similate "clone" action, need to bypass other
  actions like config/credential setup.
3. See `credential fill` is the official git action to ask password,
  see https://git-scm.com/docs/git-credential.

This change resolved issue #196.
 2019-12-18 09:55:01 -08:00
Chuanying Du 34daaefbb8 update some docs to retrigger the scan 2019-12-17 11:24:03 -08:00
Chuanying Du 1f67515afa fix docs link 2019-12-17 11:16:06 -08:00
Chuanying Du 6c6c354c72 update docs from auth-url to askpass-url 2019-12-17 11:02:03 -08:00
Chuanying Du 67a0788aa2 Rename to GIT_ASKPASS_URL and also update related examples. 2019-12-17 10:48:20 -08:00
Chuanying Du 9cae624f8c Add a new authentiate method GIT_SYNC_AUTH_URL. 
It specifies a HTTP URL which will return username&password which will
be used to authenticate access to the git repo.

This is mainly used for git repo accecpt dynamic password (for example
oauth bare token). Because the dynamic password might expire very soon,
so it's added to the main syncRepo loop.

Typical usage case is work with a sidecar called gce-node-auth on GKE,
it uses the GCE service account's oauth token as password to access
Cloud Source Repo.

Please see the repo below for how it worked.
https://github.com/cydu-cloud/gce-node-auth/blob/master/git-sync-with-gce-node-auth.yaml
 2019-12-16 23:45:37 -08:00
Kubernetes Prow Robot a2a8f72733
Merge pull request #211 from thockin/log-cleanups 
Log before running commands, not after
 2019-11-27 23:33:03 -08:00
Kubernetes Prow Robot b56f73ba85
Merge pull request #209 from thockin/master 
Clean up docs
 2019-11-27 23:31:03 -08:00
Kubernetes Prow Robot 39de601ec4
Merge pull request #210 from thockin/rename-cleanups 
Cleanups: rename vars and funcs, comments
 2019-11-27 23:29:03 -08:00
Tim Hockin 0057fac0a4 Clean up docs 2019-11-26 14:12:47 -08:00
Tim Hockin eac27f505e Log before actions 2019-11-26 13:45:18 -08:00