Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Working with two-way authentication in custom Gitlab server #895

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,8 @@

<!-- Your comment below this -->

- Added [two-way authentication](https://en.wikipedia.org/wiki/Mutual_authentication) support for gitlab - [@skyway777]

# 9.1.1

- Fixes TS declarations - [@orta]
Expand Down
10 changes: 10 additions & 0 deletions docs/guides/faq.html.md
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,16 @@ DEBUG="*" yarn danger ci

This will print out a _lot_ of information.

## I'm using two-way authentication in my Gitlab

You can use env-variables for working with certificates in Gitlab. E.g:

```sh
GITLAB_SSL_KEY=/path/to/my/key GITLAB_SSL_CERT=/path/to/mycert NODE_EXTRA_CA_CERTS=/path/to/my/ca/certs yarn danger pr https://my-gitlab/my-project/mr/453
```

Also you can set env variables in your Gitlab GUI

## Circle CI doesnt run my build consistently

Yeah... We're struggling with that one. It's something we keep taking stabs at improving, so [keep an eye on the
Expand Down
1 change: 1 addition & 0 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,7 @@
"@octokit/rest": "^16.14.1",
"chalk": "^2.3.0",
"commander": "^2.18.0",
"custom-node-gitlab-requester": "https://github.com/skyway777/custom-node-gitlab-requester",
"debug": "^4.1.1",
"get-stdin": "^6.0.0",
"gitlab": "~6.0.0",
Expand Down
4 changes: 4 additions & 0 deletions source/platforms/gitlab/GitLabAPI.ts
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,8 @@ import {
} from "../../dsl/GitLabDSL"

import { Gitlab } from "gitlab"
import { KyRequester } from "custom-node-gitlab-requester"

import { Env } from "../../ci_source/ci_source"
import { debug } from "../../debug"

Expand All @@ -20,6 +22,7 @@ export type GitLabAPIToken = string
export interface GitLabAPICredentials {
host: string
token: GitLabAPIToken
requester: typeof KyRequester
}

export function getGitLabAPICredentialsFromEnv(env: Env): GitLabAPICredentials {
Expand All @@ -35,6 +38,7 @@ export function getGitLabAPICredentialsFromEnv(env: Env): GitLabAPICredentials {
return {
host,
token: env["DANGER_GITLAB_API_TOKEN"],
requester: KyRequester,
}
}

Expand Down
62 changes: 62 additions & 0 deletions yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -2876,6 +2876,18 @@ currently-unhandled@^0.4.1:
dependencies:
array-find-index "^1.0.1"

"custom-node-gitlab-requester@https://github.com/skyway777/custom-node-gitlab-requester":
version "1.0.0"
resolved "https://github.com/skyway777/custom-node-gitlab-requester#2f256e8a3cbf08c8f1dc0a678203e1d312f0a1ad"
dependencies:
form-data "^2.5.0"
fs "^0.0.1-security"
gitlab "^10.0.0"
https "^1.0.0"
humps "^2.0.1"
ky-universal "^0.2.2"
query-string "^6.8.1"

danger-plugin-jest@^1.0.1:
version "1.1.0"
resolved "https://registry.yarnpkg.com/danger-plugin-jest/-/danger-plugin-jest-1.1.0.tgz#9b53e14a0483e6de5a65f8d58fbb6a8121a948d4"
Expand Down Expand Up @@ -3828,6 +3840,15 @@ form-data@^2.3.3:
combined-stream "^1.0.6"
mime-types "^2.1.12"

form-data@^2.5.0:
version "2.5.0"
resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.5.0.tgz#094ec359dc4b55e7d62e0db4acd76e89fe874d37"
integrity sha512-WXieX3G/8side6VIqx44ablyULoGruSde5PNTxoUyo5CeyAMX6nVWUd0rgist/EuX655cjhUhTo1Fo3tRYqbcA==
dependencies:
asynckit "^0.4.0"
combined-stream "^1.0.6"
mime-types "^2.1.12"

form-data@~2.3.1:
version "2.3.1"
resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.3.1.tgz#6fb94fbd71885306d73d15cc497fe4cc4ecd44bf"
Expand Down Expand Up @@ -3916,6 +3937,11 @@ fs.realpath@^1.0.0:
resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f"
integrity sha1-FQStJSMVjKpA20onh8sBQRmU6k8=

fs@^0.0.1-security:
version "0.0.1-security"
resolved "https://registry.yarnpkg.com/fs/-/fs-0.0.1-security.tgz#8a7bd37186b6dddf3813f23858b57ecaaf5e41d4"
integrity sha1-invTcYa23d84E/I4WLV+yq9eQdQ=

fsevents@^1.2.2:
version "1.2.4"
resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-1.2.4.tgz#f41dcb1af2582af3692da36fc55cbd8e1041c426"
Expand Down Expand Up @@ -4067,6 +4093,20 @@ gitconfiglocal@^1.0.0:
dependencies:
ini "^1.3.2"

gitlab@^10.0.0:
version "10.0.0"
resolved "https://registry.yarnpkg.com/gitlab/-/gitlab-10.0.0.tgz#71dec3b79a7716263f7c63bb465b66e76da6348b"
integrity sha512-I8teXj+JzYokyPsoMWRbDKqesNafwRlOqrq7tuNIaeotvsVr+jb9WzEMen+Zy/dHLI6aHN/fp4N5pe3plrdJjQ==
dependencies:
form-data "^2.3.3"
humps "^2.0.1"
ky "^0.11.0"
ky-universal "^0.2.1"
li "^1.3.0"
query-string "^6.8.1"
randomstring "^1.1.5"
universal-url "^2.0.0"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm worried that we have both gitlab 10, as we have gitlab locked to v6 in the app - have you tried updating gitlab to v10 and seeing if that can fix it in general?

Copy link
Author

@skyway777 skyway777 Jul 19, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

At first, I've tried to use just node script without dangerjs with last gitlab as dependency.
This problem was reproduced.

Gitlab have an option to fix it - not very handy but working - send custom requester as parameter.
I made the fix with extra options
actually, this function in my code fixes my problem:

function buildAgent() {
    const { GITLAB_SSL_KEY, GITLAB_SSL_CERT } = process.env;

    if (GITLAB_SSL_KEY || GITLAB_SSL_CERT) {
        const key = readKey(GITLAB_SSL_KEY);
        const cert = readKey(GITLAB_SSL_CERT);

        return new https.Agent({
            key,
            cert,
        })
    }
    return;
}

If it would be better for this PR, I can downgrade some dependencies in my project.

Or, maybe, would be better to extend Dangerjs API to allow sending extra platform-specific options (github, bitbucket etc.) in dangerfile script? Like requester in gitlab https://github.com/jdalrymple/node-gitlab
It would allows me do not fork danger-js only to use it in my case.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It might be worth giving this another shot now that #903 is in

This comment was marked as spam.


gitlab@~6.0.0:
version "6.0.0"
resolved "https://registry.yarnpkg.com/gitlab/-/gitlab-6.0.0.tgz#7bd44bf57dcb6b1231c70a52ea9b83934e6c1539"
Expand Down Expand Up @@ -4444,6 +4484,11 @@ https-proxy-agent@^2.2.0, https-proxy-agent@^2.2.1:
agent-base "^4.1.0"
debug "^3.1.0"

https@^1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/https/-/https-1.0.0.tgz#3c37c7ae1a8eeb966904a2ad1e975a194b7ed3a4"
integrity sha1-PDfHrhqO65ZpBKKtHpdaGUt+06Q=

humps@^2.0.1:
version "2.0.1"
resolved "https://registry.yarnpkg.com/humps/-/humps-2.0.1.tgz#dd02ea6081bd0568dc5d073184463957ba9ef9aa"
Expand Down Expand Up @@ -5653,6 +5698,14 @@ ky-universal@^0.2.1:
abort-controller "^3.0.0"
node-fetch "^2.3.0"

ky-universal@^0.2.2:
version "0.2.2"
resolved "https://registry.yarnpkg.com/ky-universal/-/ky-universal-0.2.2.tgz#7a36e1a75641a98f878157463513965f799f5bfe"
integrity sha512-fb32o/fKy/ux2ALWa9HU2hvGtfOq7/vn2nH0FpVE+jwNzyTeORlAbj3Fiw+WLMbUlmVqZIWupnLZ2USHvqwZHw==
dependencies:
abort-controller "^3.0.0"
node-fetch "^2.3.0"

ky@^0.11.0:
version "0.11.0"
resolved "https://registry.yarnpkg.com/ky/-/ky-0.11.0.tgz#032e01e10979f9f16682f6acff7daf43cafa5507"
Expand Down Expand Up @@ -7429,6 +7482,15 @@ query-string@^6.5.0:
split-on-first "^1.0.0"
strict-uri-encode "^2.0.0"

query-string@^6.8.1:
version "6.8.1"
resolved "https://registry.yarnpkg.com/query-string/-/query-string-6.8.1.tgz#62c54a7ef37d01b538c8fd56f95740c81d438a26"
integrity sha512-g6y0Lbq10a5pPQpjlFuojfMfV1Pd2Jw9h75ypiYPPia3Gcq2rgkKiIwbkS6JxH7c5f5u/B/sB+d13PU+g1eu4Q==
dependencies:
decode-uri-component "^0.2.0"
split-on-first "^1.0.0"
strict-uri-encode "^2.0.0"

quick-lru@^1.0.0:
version "1.1.0"
resolved "https://registry.yarnpkg.com/quick-lru/-/quick-lru-1.1.0.tgz#4360b17c61136ad38078397ff11416e186dcfbb8"
Expand Down