Skip to content

ttys3/git-credential-readonly

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
.github
.github
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
main.go
main.go
 
 
main_test.go
main_test.go
 
 

Repository files navigation

git-credential-readonly

this is a git credential helper that only reads from the credential store, and never writes to it.

in a word, it is a drop-in replacement for git-credential-store that only handle get action, and silently ignore store and erase.

it exists because the git built-in credential helper store will always write back to the credential store file.

which will cause problem when you have different store config for both user personal token and organization personal token.

for example:

[credential "https://github.com/org-name/"]
	helper = readonly --file ~/.git-credentials-org

[credential]
	helper = readonly

if you use store instead of readonly, it will always write back to the credential store file, which will cause problem after you use organization token, it will write the organization token back to the user credential store file. so you personal token (by default in ~/.git-credentials) will be overwritten by the organization token. due to both auth host name are the same.

install

go install github.com/ttys3/git-credential-readonly@latest
usage: `git-credential-readonly <get|store|erase>`
git config --global credential.helper readonly

how to use with same host with diff token?

the credential.helper config sequence is important, git will match against it until it get the matched credentials.

so organization specific token should goes first.

# organization specific token
[credential "https://github.com/your-org/"]
	helper = readonly --file ~/.git-credentials-org
	# https://git-scm.com/docs/gitcredentials#Documentation/gitcredentials.txt-useHttpPath
	# uncomment below if you need match path by username or org name
	# for example: repo path `foo/bar.git`, will match path by `foo`
	#useHttpPath = true

# general personal token
[credential]
	helper = readonly

[url "https://github.com/"]
	insteadOf = [email protected]:

the credential files:

~/.git-credentials-org:

https://username:[email protected]

~/.git-credentials:

https://username:[email protected]

you can also use personal and org tokens in one file:

the config:

# github specific token
[credential "https://github.com/"]
	helper = readonly --file ~/.git-credentials-org
	# https://git-scm.com/docs/gitcredentials#Documentation/gitcredentials.txt-useHttpPath
	# uncomment below if you need match path by username or org name
	# for example: repo path `foo/bar.git`, will match path by `foo`
	useHttpPath = true

the credential files:

~/.git-credentials-org:

https://username:[email protected]/username
https://username:[email protected]/org-foo
https://username:[email protected]/org-bar

docs

https://git-scm.com/book/en/v2/Git-Tools-Credential-Storage#_a_custom_credential_cache

About

git-credential-readonly

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 1

v1.1.1 Latest
Aug 11, 2024

Packages

No packages published

Contributors 2

  •  
  •  

Languages