From ff499077c1e7e0db83c7a018d8b9a49ffeccd1e9 Mon Sep 17 00:00:00 2001 From: Vincent Gillet Date: Mon, 31 Jul 2023 21:35:10 +0800 Subject: [PATCH] removing username being mandatory with password in source secret with test Signed-off-by: talife --- cmd/flux/create_secret_git.go | 4 ++-- cmd/flux/create_secret_git_test.go | 5 +++++ .../testdata/create_secret/git/secret-git-only-pwd.yaml | 9 +++++++++ pkg/manifestgen/sourcesecret/sourcesecret.go | 6 ++++-- 4 files changed, 20 insertions(+), 4 deletions(-) create mode 100644 cmd/flux/testdata/create_secret/git/secret-git-only-pwd.yaml diff --git a/cmd/flux/create_secret_git.go b/cmd/flux/create_secret_git.go index a9330cffbd..faf611ecb4 100644 --- a/cmd/flux/create_secret_git.go +++ b/cmd/flux/create_secret_git.go @@ -151,13 +151,13 @@ func createSecretGitCmdRun(cmd *cobra.Command, args []string) error { opts.ECDSACurve = secretGitArgs.ecdsaCurve.Curve opts.Password = secretGitArgs.password case "http", "https": - if (secretGitArgs.username == "" || secretGitArgs.password == "") && secretGitArgs.bearerToken == "" { + if secretGitArgs.password == "" && secretGitArgs.bearerToken == "" { return fmt.Errorf("for Git over HTTP/S the username and password, or a bearer token is required") } opts.Username = secretGitArgs.username opts.Password = secretGitArgs.password opts.BearerToken = secretGitArgs.bearerToken - if secretGitArgs.username != "" && secretGitArgs.password != "" && secretGitArgs.bearerToken != "" { + if secretGitArgs.password != "" && secretGitArgs.bearerToken != "" { return fmt.Errorf("user credentials and bearer token cannot be used together") } if secretGitArgs.caFile != "" { diff --git a/cmd/flux/create_secret_git_test.go b/cmd/flux/create_secret_git_test.go index bdf2431d41..16bf19dd61 100644 --- a/cmd/flux/create_secret_git_test.go +++ b/cmd/flux/create_secret_git_test.go @@ -40,6 +40,11 @@ func TestCreateGitSecret(t *testing.T) { args: "create secret git podinfo-auth --url=https://github.com/stefanprodan/podinfo --username=aaa --password=zzzz --bearer-token=aaaa --namespace=my-namespace --export", assert: assertError("user credentials and bearer token cannot be used together"), }, + { + name: "git authentication with basic auth consisting of only one password without a username", + args: "create secret git podinfo-auth --url=https://github.com/stefanprodan/podinfo --password=my-password --namespace=my-namespace --export", + assert: assertGoldenFile("./testdata/create_secret/git/secret-git-only-pwd.yaml"), + }, } for _, tt := range tests { diff --git a/cmd/flux/testdata/create_secret/git/secret-git-only-pwd.yaml b/cmd/flux/testdata/create_secret/git/secret-git-only-pwd.yaml new file mode 100644 index 0000000000..ca31ec0318 --- /dev/null +++ b/cmd/flux/testdata/create_secret/git/secret-git-only-pwd.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: podinfo-auth + namespace: my-namespace +stringData: + password: my-password + diff --git a/pkg/manifestgen/sourcesecret/sourcesecret.go b/pkg/manifestgen/sourcesecret/sourcesecret.go index 41849b70c6..df2ba31cb1 100644 --- a/pkg/manifestgen/sourcesecret/sourcesecret.go +++ b/pkg/manifestgen/sourcesecret/sourcesecret.go @@ -148,8 +148,10 @@ func buildSecret(keypair *ssh.KeyPair, hostKey, caFile, certFile, keyFile, docke return } - if options.Username != "" && options.Password != "" { - secret.StringData[UsernameSecretKey] = options.Username + if options.Password != "" { + if options.Username != "" { + secret.StringData[UsernameSecretKey] = options.Username + } secret.StringData[PasswordSecretKey] = options.Password } if options.BearerToken != "" {