Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add option to configure http/s managed transport #870

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Add option to configure http/s managed transport #870

wants to merge 2 commits into from

Conversation

darkowlzz
Copy link
Contributor

This change introduces NewRegisterSmartTransportWithOptions() to help
configure the smart transport with SmartSubtransportOptions. If the
default smart subtransport client needs to be configured, a newly
configured smart transport can be registered and used.
The SmartSubtransportOptions includes CABundle only for now.

This enables creating and using new transport with secrets that can be
deleted and not shared with subsequent operations.

The http client in httpSmartSubtransport is now shared with the
underlying httpSmartSubtransportStream, reusing the client and its
configurations.

It also fixes the error during cloning:

unable to clone: Post "http://test-user:***@127.0.0.1:40463/bar/test-reponame/git-upload-pack": io: read/write on closed pipe

by using credentials if available and avoiding failure due to
unauthorized request.

A user of the smart transport who needs to add a CA bundle in the
http client can do the following to setup the smart transport before
cloning:

stOpts := &git2go.SmartSubtransportOptions{CABundle: opts.CAFile}
rst, err := git2go.NewRegisterSmartTransportWithOptions("https", stOpts)
if err != nil {
	return err
}
if rst != nil {
	defer rst.Free()
}

NOTE: This is a rewrite of the fix in #858 to avoid creating a global cert pool. Similar to #858, I would like to have some guidance in understanding if this implementation is the right approach and addressing any possible issues due to this change.

Refer #858 for background and more information about this change.

@darkowlzz
Add option to configure http/s managed transport
3d4b9b9 
This change introduces NewRegisterSmartTransportWithOptions() to help
configure the smart transport with SmartSubtransportOptions. If the
default smart subtransport client needs to be configured, a newly
configured smart transport can be registered and used.
The SmartSubtransportOptions includes CABundle only for now.

This enables creating and using new transport with secrets that can be
deleted and not shared with subsequent operations.

The http client from httpSmartSubtransport is now shared with the
underlying httpSmartSubtransportStream, reusing the client and its
configurations.

It also fixes the error during cloning:
```
unable to clone: Post "http://test-user:***@127.0.0.1:40463/bar/test-reponame/git-upload-pack": io: read/write on closed pipe
```
by using credentials if available and avoiding failure due to
unauthorized request.

A user of the smart transport who needs to add a CA bundle in the
http client can do the following to setup the smart transport before
cloning:

```
stOpts := &git2go.SmartSubtransportOptions{CABundle: opts.CAFile}
rst, err := git2go.NewRegisterSmartTransportWithOptions("https", stOpts)
if err != nil {
	return err
}
if rst != nil {
	defer rst.Free()
}
```
@darkowlzz darkowlzz mentioned this pull request Nov 22, 2021
Open
@jasperem
Copy link

@darkowlzz if you replace req, err = http.NewRequest("POST", url+"/info/refs?service=git-receive-pack", nil) with req, err = http.NewRequest("POST", url+"/git-receive-pack", nil) everything works for me. Thank you very much for your work!

@timja timja mentioned this pull request Nov 26, 2021
Closed
@darkowlzz
Update SmartServiceActionReceivepack request path
5bd7c33 
Similar to SmartServiceActionUploadpack, SmartServiceActionReceivepack
is not an info endpoint. Fix the path for git-receive-pack.
@tylerphelan
Copy link

tylerphelan commented Dec 2, 2021
edited
Loading

we're getting Post ...: io: read/write on closed pipe when fetching over https with basic auth, does this PR suggest it is not currently supported?

fwiw it was working on version v31.4.14

@darkowlzz
Copy link
Contributor Author

darkowlzz commented Dec 2, 2021
edited
Loading

we're getting Post ...: io: read/write on closed pipe when fetching over https with basic auth, does this PR suggest it is not currently supported?

@tylerphelan I experienced the same and this PR is an attempt to fix that. It's documented in #858 how I attempted to fix the closed pipe error.
Do you get the same error with this fix? I thought I did test it with basic auth.

@tylerphelan
Copy link

@darkowlzz worked for me, thanks for this PR!

This was referenced Dec 3, 2021
Closed
Merged
@pjbgf pjbgf mentioned this pull request Dec 15, 2021
Merged
@pfremm
Copy link

pfremm commented May 17, 2022

Curious if this is going to be merged?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@darkowlzz @jasperem @tylerphelan @pfremm