github app support in git clone

remove run e

remove run e

fix gofmt

fix gofmt

fix gofmt

Author: Scott Schulthess

git.go

@@ -36,17 +36,24 @@ func NewGitClient(source *Source, dir string, output io.Writer) (*GitClient, err
 		os.Setenv("GIT_LFS_SKIP_SMUDGE", "true")
 	}
 	return &GitClient{
-		AccessToken: source.AccessToken,
-		Directory:   dir,
-		Output:      output,
+		AccessToken:   source.AccessToken,
+		PrivateKey:    source.PrivateKey,
+		UseGithubApp:  source.UseGitHubApp,
+		ApplicationID: source.ApplicationID,
+		Directory:     dir,
+		Output:        output,
 	}, nil
 }
 
 // GitClient ...
 type GitClient struct {
-	AccessToken string
-	Directory   string
-	Output      io.Writer
+	AccessToken        string
+	UseGithubApp       bool
+	Directory          string
+	ApplicationID      int64
+	GithubOrganziation string
+	PrivateKey         string
+	Output             io.Writer
 }
 
 func (g *GitClient) command(name string, arg ...string) *exec.Cmd {
@@ -58,6 +65,8 @@ func (g *GitClient) command(name string, arg ...string) *exec.Cmd {
 	cmd.Env = append(cmd.Env,
 		"X_OAUTH_BASIC_TOKEN="+g.AccessToken,
 		"GIT_ASKPASS=/usr/local/bin/askpass.sh")
+	fmt.Fprint(os.Stderr, fmt.Sprintf("\n%s %v", name, arg))
+
 	return cmd
 }
 
@@ -75,9 +84,20 @@ func (g *GitClient) Init(branch string) error {
 	if err := g.command("git", "config", "--global", "user.email", "concourse@local").Run(); err != nil {
 		return fmt.Errorf("failed to configure git email: %s", err)
 	}
-	fmt.Println("SDS")
-	if err := g.command("git", "config", "credential.https://github.com.helper","'!git-credential-github-app --appId ((github/concourse-app-id)) -organization ((github/concourse-app-organization-name)) -username x-access-token'").Run(); err != nil {
-		return fmt.Errorf("failed to configure github url: %s", err)
+
+	if g.UseGithubApp {
+		filePath := "/tmp/git-resource-private-key"
+		err := ioutil.WriteFile(filePath, []byte(g.PrivateKey), 0600)
+		if err != nil {
+			fmt.Println("Error writing private key:", err)
+			os.Exit(1)
+		}
+
+		helperStr := fmt.Sprintf("!git-credential-github-app --appId %d -organization %s -username x-access-token  -privateKeyFile /tmp/git-resource-private-key", g.ApplicationID, g.GithubOrganziation)
+		fmt.Fprint(os.Stderr, "\nsds helperStr", helperStr)
+		if err := g.command("git", "config", "credential.https://github.com.helper", helperStr).Run(); err != nil {
+			return fmt.Errorf("failed to configure github url: %s", err)
+		}
 	}
 	if err := g.command("git", "config", "--global", "url.https://.insteadOf", "git://").Run(); err != nil {
 		return fmt.Errorf("failed to configure github url: %s", err)
@@ -92,7 +112,6 @@ func (g *GitClient) Pull(uri, branch string, depth int, submodules bool, fetchTa
 		return err
 	}
 
-
 	if err := g.command("git", "remote", "add", "origin", endpoint).Run(); err != nil {
 		return fmt.Errorf("setting 'origin' remote to '%s' failed: %s", endpoint, err)
 	}

github.go

@@ -64,16 +64,9 @@ func NewGithubClient(s *Source) (*GithubClient, error) {
 	var client *http.Client
 	if s.UseGitHubApp {
 		var ghAppInstallationTransport *ghinstallation.Transport
-		if s.PrivateKeyFile != "" {
-			ghAppInstallationTransport, err = ghinstallation.NewKeyFromFile(transport, s.ApplicationID, s.InstallationID, s.PrivateKeyFile)
-			if err != nil {
-				return nil, fmt.Errorf("failed to generate application installation access token using private key file: %s", err)
-			}
-		} else {
-			ghAppInstallationTransport, err = ghinstallation.New(transport, s.ApplicationID, s.InstallationID, []byte(s.PrivateKey))
-			if err != nil {
-				return nil, fmt.Errorf("failed to generate application installation access token using private key: %s", err)
-			}
+		ghAppInstallationTransport, err = ghinstallation.New(transport, s.ApplicationID, s.InstallationID, []byte(s.PrivateKey))
+		if err != nil {
+			return nil, fmt.Errorf("failed to generate application installation access token using private key: %s", err)
 		}
 
 		// Client using ghinstallation transport

models.go

@@ -30,8 +30,8 @@ type Source struct {
 	TrustedTeams            []string                    `json:"trusted_teams"`
 	TrustedUsers            []string                    `json:"trusted_users"`
 	UseGitHubApp            bool                        `json:"use_github_app"`
+	GithubOrganziation      string                       `json:"github_organization"`
 	PrivateKey              string                      `json:"private_key"`
-	PrivateKeyFile          string                      `json:"private_key_file"`
 	ApplicationID           int64                       `json:"application_id"`
 	InstallationID          int64                       `json:"installation_id"`
 }
@@ -42,12 +42,15 @@ func (s *Source) Validate() error {
 		return errors.New("access_token must be set if not using GitHub App authentication")
 	}
 	if s.UseGitHubApp {
-		if s.PrivateKey == "" && s.PrivateKeyFile == "" {
+		if s.PrivateKey == "" {
 			return errors.New("Either private_key or private_key_file should be supplied if using GitHub App authentication")
 		}
 		if s.ApplicationID == 0 || s.InstallationID == 0 {
 			return errors.New("application_id and installation_id must be set if using GitHub App authentication")
 		}
+		if len(s.GithubOrganziation) == 0 {
+			return errors.New("github_organization must be set if using GitHub App authentication")
+		}
 		if s.AccessToken != "" {
 			return errors.New("access_token is not required when using GitHub App authentication")
 		}

models_test.go

@@ -39,6 +39,7 @@ func TestSource(t *testing.T) {
 			description: "should support GitHub App authentication",
 			source: resource.Source{
 				Repository:     "test/test",
+				GithubOrganziation: "test",
 				UseGitHubApp:   true,
 				PrivateKey:     "key.pem",
 				ApplicationID:  123456,
@@ -70,6 +71,7 @@ func TestSource(t *testing.T) {
 			source: resource.Source{
 				Repository:     "test/test",
 				UseGitHubApp:   true,
+				GithubOrganziation: "test",
 				PrivateKey:     "key.pem",
 				ApplicationID:  123456,
 				InstallationID: 1,