From 305f4ee8eb0fc6c34705a4dedcfc220995fb6b15 Mon Sep 17 00:00:00 2001 From: Pierre Vanduynslager Date: Tue, 13 Feb 2018 16:11:00 -0500 Subject: [PATCH] fix: do not transform repositoryUrl if it allow to push Even the user set Git credentials via environment variable, use the configured URL (with authentication) if it works. This allow users to push tags and commits via ssh while still using the GitHub/GitLab API. --- lib/get-config.js | 6 ++++-- test/get-config.test.js | 13 +++++++++++++ test/integration.test.js | 4 ++-- 3 files changed, 19 insertions(+), 4 deletions(-) diff --git a/lib/get-config.js b/lib/get-config.js index 98914eae..db719feb 100644 --- a/lib/get-config.js +++ b/lib/get-config.js @@ -3,7 +3,7 @@ const readPkgUp = require('read-pkg-up'); const cosmiconfig = require('cosmiconfig'); const resolveFrom = require('resolve-from'); const debug = require('debug')('semantic-release:config'); -const {repoUrl} = require('./git'); +const {repoUrl, verifyAuth} = require('./git'); const PLUGINS_DEFINITIONS = require('./definitions/plugins'); const plugins = require('./plugins'); const getGitAuthUrl = require('./get-git-auth-url'); @@ -51,7 +51,9 @@ module.exports = async (opts, logger) => { ...pickBy(options, option => !isUndefined(option) && !isNull(option)), }; - options.repositoryUrl = options.repositoryUrl ? getGitAuthUrl(options.repositoryUrl) : options.repositoryUrl; + if (!await verifyAuth(options.repositoryUrl, options.branch)) { + options.repositoryUrl = options.repositoryUrl ? getGitAuthUrl(options.repositoryUrl) : options.repositoryUrl; + } debug('options values: %O', options); diff --git a/test/get-config.test.js b/test/get-config.test.js index 4b35da6b..57702f6c 100644 --- a/test/get-config.test.js +++ b/test/get-config.test.js @@ -80,6 +80,19 @@ test.serial('Default values, reading repositoryUrl (http url) from package.json t.is(options.tagFormat, `v\${version}`); }); +test.serial('Do not add git credential to repositoryUrl if push is allowed', async t => { + process.env.GIT_CREDENTIALS = 'user:pass'; + // Create a git repository, set the current working directory at the root of the repo + const repositoryUrl = await gitRepo(true); + const pkg = {repository: repositoryUrl}; + // Create package.json in repository root + await outputJson('./package.json', pkg); + + const {options} = await t.context.getConfig(); + + t.is(options.repositoryUrl, repositoryUrl); +}); + test.serial('Read options from package.json', async t => { const release = { analyzeCommits: {path: 'analyzeCommits', param: 'analyzeCommits_param'}, diff --git a/test/integration.test.js b/test/integration.test.js index 1c0b24e6..b3b7c560 100644 --- a/test/integration.test.js +++ b/test/integration.test.js @@ -603,11 +603,11 @@ test.serial('Exit with 1 if missing permission to push to the remote repository' // Create a git repository, set the current working directory at the root of the repo t.log('Create git repository'); - const {repositoryUrl} = await gitbox.createRepo(packageName); + await gitbox.createRepo(packageName); await writeJson('./package.json', { name: packageName, version: '0.0.0-dev', - repository: {url: repositoryUrl}, + repository: {url: 'http://user:wrong_pass@localhost:2080/git/unauthorized.git'}, }); /* Initial release */