Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support URLs with basic authentication when resolving a devfile #21998

Closed
l0rd opened this issue Feb 13, 2023 · 3 comments
Closed

Support URLs with basic authentication when resolving a devfile #21998

l0rd opened this issue Feb 13, 2023 · 3 comments
Assignees
@vinokurig
Labels
area/che-server area/git/oauth-services OAuth support to authenticate developers with their GitHub, GitLab, Bitbucket etc...accounts kind/enhancement A feature request - must adhere to the feature request template. new&noteworthy For new and/or noteworthy issues that deserve a blog post, new docs, or emphasis in release notes severity/P1 Has a major impact to usage or development of the system. sprint/current status/release-notes-review-needed Issues that needs to be reviewed by the doc team for the Release Notes wording
Milestone
7.62

Comments

@l0rd
Copy link
Contributor

l0rd commented Feb 13, 2023
edited
Loading

Is your enhancement related to a problem? Please describe

There are git services for which Che cannot resolve the Devfile.

A workaround is to use the raw URL to the devfile. For example for azure devops the following public URL worked:

https://dev.azure.com/marioloriedo/a5c3e8ae-6db1-4a4f-8b81-0a8ef12f154b/_apis/git/repositories/317bf9fc-90a2-42d2-884a-2766575892e8/items?path=/.devfile.yaml&versionDescriptor%5BversionOptions%5D=0&versionDescriptor%5BversionType%5D=0&versionDescriptor%5Bversion%5D=main&resolveLfs=true&%24format=octetStream&api-version=5.0&download=true

image

For private repositories a developer could still use the same workaround but in this case he should include the personal access token in the URL. For example:

https://${PAT}@dev.azure.com/marioloriedo/marioloriedo/_apis/sourceProviders/TfsGit/filecontents?repository=private-repo&commitOrBranch=main&path=/.devfile.yaml&api-version=7.0

But the che-server fails to resolve the devfile in this case:

image

The same URL works fine with cURL:

image

Describe the solution you'd like

The che-server should be able to resolve the file.

Additional context

I have also tested with a github.com private repository and the message is different:

image

The URL used was:

https://[email protected]/<user or organization>/<repo name>/<branch>/.devfile.yaml

Che-server should resolve the file In this case too but it doesn't work.
@l0rd l0rd added the kind/enhancement A feature request - must adhere to the feature request template. label Feb 13, 2023
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Feb 13, 2023
@l0rd l0rd mentioned this issue Feb 13, 2023
Closed
@l0rd l0rd added area/che-server severity/P1 Has a major impact to usage or development of the system. and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Feb 13, 2023
@ibuziuk ibuziuk mentioned this issue Feb 14, 2023
Closed
56 tasks
@ibuziuk ibuziuk added the area/git/oauth-services OAuth support to authenticate developers with their GitHub, GitLab, Bitbucket etc...accounts label Feb 14, 2023
@vinokurig vinokurig self-assigned this Feb 15, 2023
This was referenced Feb 22, 2023
Merged
Closed
@vinokurig vinokurig mentioned this issue Mar 1, 2023
Merged
6 tasks
@l0rd l0rd added new&noteworthy For new and/or noteworthy issues that deserve a blog post, new docs, or emphasis in release notes status/release-notes-review-needed Issues that needs to be reviewed by the doc team for the Release Notes wording labels Mar 2, 2023
@l0rd l0rd added this to the 7.62 milestone Mar 2, 2023
@devstudio-release
Copy link

sync'd to Red Hat JIRA https://issues.redhat.com/browse/CRW-4106

@netomi
Copy link

netomi commented Jul 18, 2024

@l0rd you added an Azure DevOps Personal Access Token in one of your comments, I would highly suggest to revoke it if its still in use.

@l0rd
Copy link
Contributor Author

l0rd commented Jul 18, 2024

Thank you @netomi. The PAT was revoked before I created the issue. But anyway I have updated the description to hide PAT to avoid any security alert.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vinokurig vinokurig

Labels
area/che-server area/git/oauth-services OAuth support to authenticate developers with their GitHub, GitLab, Bitbucket etc...accounts kind/enhancement A feature request - must adhere to the feature request template. new&noteworthy For new and/or noteworthy issues that deserve a blog post, new docs, or emphasis in release notes severity/P1 Has a major impact to usage or development of the system. sprint/current status/release-notes-review-needed Issues that needs to be reviewed by the doc team for the Release Notes wording
Projects
None yet
Milestone
7.62
Development

No branches or pull requests
6 participants
@l0rd @netomi @ibuziuk @vinokurig @devstudio-release @che-bot