Merge pull request #6 from link-foundation/issue-5-898734966645

fix: Improve Docker/server support and fix glab --jq compatibility

Author: konard

.changeset/fix-docker-server-support.md

@@ -0,0 +1,11 @@
+---
+'glab-setup-git-identity': patch
+---
+
+Fix Docker/server support and glab --jq compatibility
+
+- Fix README.md manual commands to use pipe to jq instead of --jq flag
+- Add "Authentication in Docker/Server Environments" section to README
+- Enhance CLI with helpful headless auth instructions
+- Fix src/index.js to parse JSON in JavaScript for better glab version compatibility
+- Optimize getGitLabUserInfo to use a single API call

README.md

@@ -13,16 +13,24 @@ A tool to setup git identity based on current GitLab user.
 Instead of manually running:
 
 ```bash
-glab auth login --hostname gitlab.com --git-protocol https
+# Authenticate with GitLab (interactive mode - no extra flags)
+glab auth login
+
+# Or for non-interactive mode with a token:
+# glab auth login --hostname gitlab.com --git-protocol https --token YOUR_TOKEN
+
 glab auth git-credential # For HTTPS authentication helper
 
-USERNAME=$(glab api user --jq '.username')
-EMAIL=$(glab api user --jq '.email')
+# Get user info (requires jq to be installed)
+USERNAME=$(glab api user | jq -r '.username')
+EMAIL=$(glab api user | jq -r '.email')
 
 git config --global user.name "$USERNAME"
 git config --global user.email "$EMAIL"
 ```
 
+> **Note for manual commands**: The commands above require `jq` to be installed (`apt install jq` or `brew install jq`). The `glab api` command does not have a built-in `--jq` flag - you must pipe output to the external `jq` tool.
+
 You can simply run:
 
 ```bash
@@ -163,7 +171,61 @@ The tool runs `glab auth login` automatically, followed by configuring git to us
 If automatic authentication fails, you can run the commands manually:
 
 ```bash
-glab auth login --hostname gitlab.com --git-protocol https
+glab auth login
+```
+
+### Authentication in Docker/Server Environments (Headless)
+
+When running in Docker containers or on remote servers without a browser, `glab auth login` will display a URL to open but fail to launch a browser:
+
+```
+Failed opening a browser at https://gitlab.com/oauth/authorize?...
+Encountered error: exec: "xdg-open": executable file not found in $PATH
+Try entering the URL in your browser manually.
+```
+
+**To complete authentication in headless environments:**
+
+1. **Copy the authorization URL** displayed by glab and open it in your local browser
+2. Complete the GitLab OAuth flow in your browser
+3. You'll be redirected to a URL like: `http://localhost:7171/auth/redirect?code=...&state=...`
+4. **Use `curl` to send the redirect URL back to glab**:
+
+```bash
+# Method 1: Using screen (recommended for Docker)
+# Terminal 1: Start glab auth in screen
+screen -S glab-auth
+glab auth login
+# Press Ctrl+A, D to detach from screen
+
+# Terminal 2: After completing OAuth in browser, send the redirect URL
+curl -L "http://localhost:7171/auth/redirect?code=YOUR_CODE&state=YOUR_STATE"
+
+# Return to screen to see auth completion
+screen -r glab-auth
+```
+
+```bash
+# Method 2: Using SSH port forwarding (for remote servers)
+# On your local machine, forward the callback port:
+ssh -L 7171:localhost:7171 user@remote-server
+
+# Then on the server, run glab auth login
+# The OAuth redirect will go through the SSH tunnel to your local machine
+```
+
+**Alternatively, use token-based authentication** (recommended for CI/CD and automation):
+
+```bash
+# Generate a Personal Access Token at:
+# https://gitlab.com/-/profile/personal_access_tokens
+# Required scopes: api, write_repository
+
+# Then authenticate non-interactively:
+glab auth login --hostname gitlab.com --token YOUR_TOKEN
+
+# Or with this tool:
+glab-setup-git-identity --token YOUR_TOKEN
 ```
 
 ### Successful Run

src/cli.js

@@ -260,6 +260,40 @@ async function handleAlreadyAuthenticated() {
   return true;
 }
 
+/**
+ * Print headless authentication instructions
+ */
+function printHeadlessAuthInstructions() {
+  console.log('');
+  console.log('=== Authentication in Docker/Server Environments ===');
+  console.log('');
+  console.log(
+    'If you see a browser URL but cannot open it, follow these steps:'
+  );
+  console.log('');
+  console.log('1. Copy the authorization URL displayed above');
+  console.log('2. Open it in your local browser and complete the OAuth flow');
+  console.log(
+    '3. You will be redirected to: http://localhost:7171/auth/redirect?code=...&state=...'
+  );
+  console.log('4. Use curl to send that redirect URL back to glab:');
+  console.log('');
+  console.log(
+    '   curl -L "http://localhost:7171/auth/redirect?code=YOUR_CODE&state=YOUR_STATE"'
+  );
+  console.log('');
+  console.log('Alternatively, use token-based authentication:');
+  console.log('');
+  console.log('1. Generate a Personal Access Token at:');
+  console.log(`   https://${config.hostname}/-/profile/personal_access_tokens`);
+  console.log('   Required scopes: api, write_repository');
+  console.log('');
+  console.log('2. Re-run with your token:');
+  console.log(`   glab-setup-git-identity --token YOUR_TOKEN`);
+  console.log('');
+  console.log('================================================');
+}
+
 /**
  * Handle case when not authenticated
  * @returns {Promise<boolean>} True if login succeeded
@@ -268,14 +302,27 @@ async function handleNotAuthenticated() {
   console.log('GitLab CLI is not authenticated. Starting authentication...');
   console.log('');
 
+  // Print headless instructions before attempting auth
+  // This helps users in Docker/server environments know what to do
+  printHeadlessAuthInstructions();
+  console.log('');
+
   const loginSuccess = await runGlabAuthLogin(getAuthOptions());
 
   if (!loginSuccess) {
     console.log('');
-    console.log('Authentication failed. Please try running manually:');
+    console.log('Authentication failed. Please try one of the following:');
+    console.log('');
+    console.log('Option 1: Interactive login');
+    console.log('  glab auth login');
+    console.log('');
+    console.log('Option 2: Token-based login (recommended for headless)');
     console.log(
-      `  glab auth login --hostname ${config.hostname} --git-protocol ${config.gitProtocol}`
+      `  glab auth login --hostname ${config.hostname} --token YOUR_TOKEN`
     );
+    console.log('');
+    console.log('Option 3: Use this tool with a token');
+    console.log(`  glab-setup-git-identity --token YOUR_TOKEN`);
     return false;
   }
 

src/index.js

@@ -330,6 +330,9 @@ export async function isGlabAuthenticated(options = {}) {
 /**
  * Get GitLab username from authenticated user
  *
+ * Note: This function parses the JSON response in JavaScript rather than using
+ * glab's --jq flag, as the --jq flag is not available in all glab versions.
+ *
  * @param {Object} options - Options
  * @param {string} options.hostname - GitLab hostname (optional)
  * @param {boolean} options.verbose - Enable verbose logging
@@ -342,7 +345,7 @@ export async function getGitLabUsername(options = {}) {
 
   log.debug('Getting GitLab username...');
 
-  const args = ['api', 'user', '--jq', '.username'];
+  const args = ['api', 'user'];
   if (hostname) {
     args.push('--hostname', hostname);
   }
@@ -353,7 +356,23 @@ export async function getGitLabUsername(options = {}) {
     throw new Error(`Failed to get GitLab username: ${result.stderr}`);
   }
 
-  const username = result.stdout.trim();
+  // Parse JSON response in JavaScript (glab's --jq flag is not available in all versions)
+  let userData;
+  try {
+    userData = JSON.parse(result.stdout.trim());
+  } catch (parseError) {
+    throw new Error(
+      `Failed to parse GitLab user data: ${parseError.message}. Raw output: ${result.stdout}`
+    );
+  }
+
+  const username = userData.username;
+  if (!username) {
+    throw new Error(
+      'No username found in GitLab user data. Please ensure your GitLab account has a username.'
+    );
+  }
+
   log.debug(`GitLab username: ${username}`);
 
   return username;
@@ -362,6 +381,9 @@ export async function getGitLabUsername(options = {}) {
 /**
  * Get primary email from GitLab user
  *
+ * Note: This function parses the JSON response in JavaScript rather than using
+ * glab's --jq flag, as the --jq flag is not available in all glab versions.
+ *
  * @param {Object} options - Options
  * @param {string} options.hostname - GitLab hostname (optional)
  * @param {boolean} options.verbose - Enable verbose logging
@@ -374,7 +396,7 @@ export async function getGitLabEmail(options = {}) {
 
   log.debug('Getting GitLab primary email...');
 
-  const args = ['api', 'user', '--jq', '.email'];
+  const args = ['api', 'user'];
   if (hostname) {
     args.push('--hostname', hostname);
   }
@@ -385,7 +407,17 @@ export async function getGitLabEmail(options = {}) {
     throw new Error(`Failed to get GitLab email: ${result.stderr}`);
   }
 
-  const email = result.stdout.trim();
+  // Parse JSON response in JavaScript (glab's --jq flag is not available in all versions)
+  let userData;
+  try {
+    userData = JSON.parse(result.stdout.trim());
+  } catch (parseError) {
+    throw new Error(
+      `Failed to parse GitLab user data: ${parseError.message}. Raw output: ${result.stdout}`
+    );
+  }
+
+  const email = userData.email;
 
   if (!email) {
     throw new Error(
@@ -401,17 +433,60 @@ export async function getGitLabEmail(options = {}) {
 /**
  * Get GitLab user information (username and primary email)
  *
+ * Note: This function makes a single API call and parses both username and email
+ * from the response, which is more efficient than calling getGitLabUsername and
+ * getGitLabEmail separately.
+ *
  * @param {Object} options - Options
  * @param {string} options.hostname - GitLab hostname (optional)
  * @param {boolean} options.verbose - Enable verbose logging
  * @param {Object} options.logger - Custom logger
  * @returns {Promise<{username: string, email: string}>} User information
  */
 export async function getGitLabUserInfo(options = {}) {
-  const [username, email] = await Promise.all([
-    getGitLabUsername(options),
-    getGitLabEmail(options),
-  ]);
+  const { hostname, verbose = false, logger = console } = options;
+  const log = createDefaultLogger({ verbose, logger });
+
+  log.debug('Getting GitLab user information...');
+
+  const args = ['api', 'user'];
+  if (hostname) {
+    args.push('--hostname', hostname);
+  }
+
+  const result = await $`glab ${args}`.run({ capture: true });
+
+  if (result.code !== 0) {
+    throw new Error(`Failed to get GitLab user info: ${result.stderr}`);
+  }
+
+  // Parse JSON response in JavaScript (glab's --jq flag is not available in all versions)
+  let userData;
+  try {
+    userData = JSON.parse(result.stdout.trim());
+  } catch (parseError) {
+    throw new Error(
+      `Failed to parse GitLab user data: ${parseError.message}. Raw output: ${result.stdout}`
+    );
+  }
+
+  const username = userData.username;
+  const email = userData.email;
+
+  if (!username) {
+    throw new Error(
+      'No username found in GitLab user data. Please ensure your GitLab account has a username.'
+    );
+  }
+
+  if (!email) {
+    throw new Error(
+      'No email found on GitLab account. Please set a primary email in your GitLab settings.'
+    );
+  }
+
+  log.debug(`GitLab username: ${username}`);
+  log.debug(`GitLab primary email: ${email}`);
 
   return { username, email };
 }