update to use cli flag along with env var

karthik2804 · karthik2804 · commit 09041733e6dc · 2024-10-28T10:33:43.000+01:00
Signed-off-by: karthik2804 &lt;karthik.ganeshram@fermyon.com&gt;
diff --git a/crates/plugins/src/manager.rs b/crates/plugins/src/manager.rs
@@ -88,6 +88,7 @@ impl PluginManager {
         plugin_manifest: &PluginManifest,
         plugin_package: &PluginPackage,
         source: &ManifestLocation,
+        auth_header_value: Option<String>,
     ) -> Result<String> {
         let target = plugin_package.url.to_owned();
         let target_url = Url::parse(&target)?;
@@ -106,7 +107,15 @@ impl PluginManager {
                     );
                 }
             }
-            _ => download_plugin(&plugin_manifest.name(), &temp_dir, &target).await?,
+            _ => {
+                download_plugin(
+                    &plugin_manifest.name(),
+                    &temp_dir,
+                    &target,
+                    auth_header_value,
+                )
+                .await?
+            }
         };
         verify_checksum(&plugin_tarball_path, &plugin_package.sha256)?;
 
@@ -186,14 +195,15 @@ impl PluginManager {
         manifest_location: &ManifestLocation,
         skip_compatibility_check: bool,
         spin_version: &str,
+        auth_header_value: Option<String>,
     ) -> PluginLookupResult<PluginManifest> {
         let plugin_manifest = match manifest_location {
             ManifestLocation::Remote(url) => {
                 tracing::info!("Pulling manifest for plugin from {url}");
                 let client = Client::new();
                 client
                     .get(url.as_ref())
-                    .headers(maybe_get_auth_header()?)
+                    .headers(request_headers(auth_header_value)?)
                     .send()
                     .await
                     .map_err(|e| {
@@ -339,12 +349,17 @@ pub fn get_package(plugin_manifest: &PluginManifest) -> Result<&PluginPackage> {
         })
 }
 
-async fn download_plugin(name: &str, temp_dir: &TempDir, target_url: &str) -> Result<PathBuf> {
+async fn download_plugin(
+    name: &str,
+    temp_dir: &TempDir,
+    target_url: &str,
+    auth_header_value: Option<String>,
+) -> Result<PathBuf> {
     tracing::trace!("Trying to get tar file for plugin '{name}' from {target_url}");
     let client = Client::new();
     let plugin_bin = client
         .get(target_url)
-        .headers(maybe_get_auth_header()?)
+        .headers(request_headers(auth_header_value)?)
         .send()
         .await?;
     if !plugin_bin.status().is_success() {
@@ -374,11 +389,13 @@ fn verify_checksum(plugin_file: &Path, expected_sha256: &str) -> Result<()> {
     }
 }
 
-fn maybe_get_auth_header() -> Result<HeaderMap> {
-    let token = std::env::var("SPIN_PLUGIN_AUTH_HEADER").ok();
+/// Get the request headers for a call to the plugin API
+///
+/// If set, this will include the user provided authorization header.
+fn request_headers(auth_header_value: Option<String>) -> Result<HeaderMap> {
     let mut headers = HeaderMap::new();
-    if token.is_some() {
-        headers.insert(reqwest::header::AUTHORIZATION, token.unwrap().parse()?);
+    if let Some(auth_value) = auth_header_value {
+        headers.insert(reqwest::header::AUTHORIZATION, auth_value.parse()?);
     }
     Ok(headers)
 }
@@ -404,6 +421,7 @@ mod tests {
                 &ManifestLocation::Local(PathBuf::from(
                     "../tests/nonexistent-url/nonexistent-url.json",
                 )),
+                None,
             )
             .await;
 
diff --git a/src/commands/external.rs b/src/commands/external.rs
@@ -209,6 +209,7 @@ fn installer_for(plugin_name: &str) -> Install {
         remote_manifest_src: None,
         override_compatibility_check: false,
         version: None,
+        auth_header_value: None,
     }
 }
 
diff --git a/src/commands/plugins.rs b/src/commands/plugins.rs
@@ -98,6 +98,10 @@ pub struct Install {
     #[clap(long = PLUGIN_OVERRIDE_COMPATIBILITY_CHECK_FLAG, takes_value = false)]
     pub override_compatibility_check: bool,
 
+    /// Provide the auth header value to be able to install a plugin from a private repository.
+    #[clap(long = "auth-header-value", requires = PLUGIN_REMOTE_PLUGIN_MANIFEST_OPT)]
+    pub auth_header_value: Option<String>,
+
     /// Specific version of a plugin to be install from the centralized plugins
     /// repository.
     #[clap(
@@ -126,6 +130,7 @@ impl Install {
                 &manifest_location,
                 self.override_compatibility_check,
                 SPIN_VERSION,
+                self.auth_header_value.clone(),
             )
             .await?;
         try_install(
@@ -135,6 +140,7 @@ impl Install {
             self.override_compatibility_check,
             downgrade,
             &manifest_location,
+            self.auth_header_value.clone(),
         )
         .await?;
         Ok(())
@@ -207,6 +213,10 @@ pub struct Upgrade {
     #[clap(short = 'y', long = "yes", takes_value = false)]
     pub yes_to_all: bool,
 
+    /// Auth header value to be able to install a plugin from a private repository.
+    #[clap(long = "auth-header-value", requires = PLUGIN_REMOTE_PLUGIN_MANIFEST_OPT)]
+    pub auth_header_value: Option<String>,
+
     /// Overrides a failed compatibility check of the plugin with the current version of Spin.
     #[clap(long = PLUGIN_OVERRIDE_COMPATIBILITY_CHECK_FLAG, takes_value = false)]
     pub override_compatibility_check: bool,
@@ -288,7 +298,12 @@ impl Upgrade {
 
             // Attempt to get the manifest to check eligibility to upgrade
             if let Ok(manifest) = manager
-                .get_manifest(&manifest_location, false, SPIN_VERSION)
+                .get_manifest(
+                    &manifest_location,
+                    false,
+                    SPIN_VERSION,
+                    self.auth_header_value.clone(),
+                )
                 .await
             {
                 // Check if upgraded candidates have a newer version and if are compatible
@@ -341,7 +356,16 @@ impl Upgrade {
                 None,
             ));
 
-            try_install(&manifest, &manager, true, false, false, &manifest_location).await?;
+            try_install(
+                &manifest,
+                &manager,
+                true,
+                false,
+                false,
+                &manifest_location,
+                self.auth_header_value.clone(),
+            )
+            .await?;
         }
 
         Ok(())
@@ -365,6 +389,7 @@ impl Upgrade {
                     &manifest_location,
                     self.override_compatibility_check,
                     SPIN_VERSION,
+                    self.auth_header_value.clone(),
                 )
                 .await
             {
@@ -382,6 +407,7 @@ impl Upgrade {
                 self.override_compatibility_check,
                 self.downgrade,
                 &manifest_location,
+                self.auth_header_value.clone(),
             )
             .await?;
         }
@@ -405,6 +431,7 @@ impl Upgrade {
                 &manifest_location,
                 self.override_compatibility_check,
                 SPIN_VERSION,
+                self.auth_header_value.clone(),
             )
             .await?;
         try_install(
@@ -414,6 +441,7 @@ impl Upgrade {
             self.override_compatibility_check,
             self.downgrade,
             &manifest_location,
+            self.auth_header_value,
         )
         .await?;
         Ok(())
@@ -434,6 +462,7 @@ impl Show {
                 &ManifestLocation::PluginsRepository(PluginLookup::new(&self.name, None)),
                 false,
                 SPIN_VERSION,
+                None,
             )
             .await?;
 
@@ -789,6 +818,7 @@ async fn try_install(
     override_compatibility_check: bool,
     downgrade: bool,
     source: &ManifestLocation,
+    auth_header_value: Option<String>,
 ) -> Result<bool> {
     let install_action = manager.check_manifest(
         manifest,
@@ -804,7 +834,9 @@ async fn try_install(
 
     let package = manager::get_package(manifest)?;
     if continue_to_install(manifest, package, yes_to_all)? {
-        let installed = manager.install(manifest, package, source).await?;
+        let installed = manager
+            .install(manifest, package, source, auth_header_value)
+            .await?;
         println!("Plugin '{installed}' was installed successfully!");
 
         if let Some(description) = manifest.description() {

Original file line number	Diff line number	Diff line change
`@@ -209,6 +209,7 @@ fn installer_for(plugin_name: &str) -> Install {`
`209`	`209`	`remote_manifest_src: None,`
`210`	`210`	`override_compatibility_check: false,`
`211`	`211`	`version: None,`
	`212`	`+ auth_header_value: None,`
`212`	`213`	`}`
`213`	`214`	`}`
`214`	`215`