The current git-sync process outputs the error information to standard
out, which is inaccessible from outside the container. Users have to
dump the logs using kubectl logs in order to check the error details in
the git-sync process. This commit exports the error details to a file,
which provides users the capability to check the errors directly from
other sidecar containers.
proposal: https://github.com/kubernetes/git-sync/issues/326
This allows arbitrary git configs to be passed in. For example:
`git config --global http.postBuffer 1048576000`
`git config --global http.sslCAInfo /path/to/cert/file`
`git config --global http.sslVerify false`
This flag takes a comma-separated list of `key:val` pairs. The key part
is passed to `git config` and must be a valid gitconfig section header
and variable name. The val part can be either a quoted or unquoted
value. For all values the following escape sequences are supported:
* `\n` => [newline]
* `\t` => [tab]
* `\"` => `"`
* `\,` => `,`
* `\\` => `\`
Within unquoted values, commas MUST be escaped. Within quoted values,
commas MAY be escaped, but are not required to be. Any other escape
sequence is an error.
Example:
`--git-config=foo.one:val1,foo.two:"quoted val",foo.three:12345`
This commit exposed a bug in runCommand() which modified its args when
they had an embedded space.
* add option to NOT recursively clone submodules
* Add "shallow" and "off" modes to submodule clone
* update readme to reflect new flag
* wording and such feedback
username/password case.
For cache to store change:
* By default, cache only last 900 seconds, gitsync will break after
that. See https://git-scm.com/docs/git-credential-cache.
* The test won't work with cache since the test don't have access to
the default unix socket location; XDG_CACHE_HOME override also can
pre-create a socket in advance.
* `store` put the credential into a file, much easier to debug than cache.
* Considering anyone have access to the pod already able to get the
credential via environment variables or yaml configs, so put it in
file won't make it less secure.
For the new password test:
1. askpass_git.sh provided to simulate a git with password challenge.
2. Need and only need to similate "clone" action, need to bypass other
actions like config/credential setup.
3. See `credential fill` is the official git action to ask password,
see https://git-scm.com/docs/git-credential.
This change resolved issue #196.
This handles non-annotated tags, which were not handled well before. It
does mean that we use the hash of the (annotated) tag object instead of
the commit, but that seems OK.
Added a test case.
If an initial clone crashes, it can leave the git-root in a bad state
such that git can't retry the clone. This change forces it to clean up
the mess and retry.
Change the use of pkill with 'docker rm' as this will work more reliably (at least on MacOS). Trap the EXIT signal so we can perform a clean-up even if a test fails, so we don't pollute the system with a bunch of stopped containers. Increase the timeout from two to three seconds in order for the tests to work reliably on MacOS (the two second waiting period was consistenly to short for all tests to work). Update the Makefile so when we run the container in order to compile the package we make sure the (stopped) container is removed.
Faster builds and versions from tags. Also use alpine as a base image. We
need alpine for other architectures...
Also change the --wait flag to take a float for sub-second waits.
Kubernetes Prow Robot
Spencer Malone
Nan Yu
Tim Hockin
unknowingknow
alix.cook11
Chuanying Du
Chuanying
Michal Lula
Thomas Jackson
George Angel
jorianvo