Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
fix: do not transform repositoryUrl if it allow to push
Even the user set Git credentials via environment variable, use the configured URL (with authentication) if it works.
This allow users to push tags and commits via ssh while still using the GitHub/GitLab API.
  • Loading branch information
pvdlg committed Feb 14, 2018
1 parent 9788fca commit 305f4ee
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 4 deletions.
6 changes: 4 additions & 2 deletions lib/get-config.js
Expand Up @@ -3,7 +3,7 @@ const readPkgUp = require('read-pkg-up');
const cosmiconfig = require('cosmiconfig');
const resolveFrom = require('resolve-from');
const debug = require('debug')('semantic-release:config');
const {repoUrl} = require('./git');
const {repoUrl, verifyAuth} = require('./git');
const PLUGINS_DEFINITIONS = require('./definitions/plugins');
const plugins = require('./plugins');
const getGitAuthUrl = require('./get-git-auth-url');
Expand Down Expand Up @@ -51,7 +51,9 @@ module.exports = async (opts, logger) => {
...pickBy(options, option => !isUndefined(option) && !isNull(option)),
};

options.repositoryUrl = options.repositoryUrl ? getGitAuthUrl(options.repositoryUrl) : options.repositoryUrl;
if (!await verifyAuth(options.repositoryUrl, options.branch)) {
options.repositoryUrl = options.repositoryUrl ? getGitAuthUrl(options.repositoryUrl) : options.repositoryUrl;
}

debug('options values: %O', options);

Expand Down
13 changes: 13 additions & 0 deletions test/get-config.test.js
Expand Up @@ -80,6 +80,19 @@ test.serial('Default values, reading repositoryUrl (http url) from package.json
t.is(options.tagFormat, `v\${version}`);
});

test.serial('Do not add git credential to repositoryUrl if push is allowed', async t => {
process.env.GIT_CREDENTIALS = 'user:pass';
// Create a git repository, set the current working directory at the root of the repo
const repositoryUrl = await gitRepo(true);
const pkg = {repository: repositoryUrl};
// Create package.json in repository root
await outputJson('./package.json', pkg);

const {options} = await t.context.getConfig();

t.is(options.repositoryUrl, repositoryUrl);
});

test.serial('Read options from package.json', async t => {
const release = {
analyzeCommits: {path: 'analyzeCommits', param: 'analyzeCommits_param'},
Expand Down
4 changes: 2 additions & 2 deletions test/integration.test.js
Expand Up @@ -603,11 +603,11 @@ test.serial('Exit with 1 if missing permission to push to the remote repository'

// Create a git repository, set the current working directory at the root of the repo
t.log('Create git repository');
const {repositoryUrl} = await gitbox.createRepo(packageName);
await gitbox.createRepo(packageName);
await writeJson('./package.json', {
name: packageName,
version: '0.0.0-dev',
repository: {url: repositoryUrl},
repository: {url: 'http://user:wrong_pass@localhost:2080/git/unauthorized.git'},
});

/* Initial release */
Expand Down

0 comments on commit 305f4ee

Please sign in to comment.