Update git workflow template to perform user auth via script

Change-Id: Ic04d2dd5bd713db599696a759361839391eaa19c
Signed-off-by: garciadeblas <gerardo.garciadeblas@telefonica.com>

diff --git a/installers/flux/templates/sw-catalogs/infra-configs/osm-workflows/templates/wf-templates/building-blocks/git-wft.yaml b/installers/flux/templates/sw-catalogs/infra-configs/osm-workflows/templates/wf-templates/building-blocks/git-wft.yaml
index 568a2dd..01b19e1 100644 (file)
--- a/installers/flux/templates/sw-catalogs/infra-configs/osm-workflows/templates/wf-templates/building-blocks/git-wft.yaml
+++ b/installers/flux/templates/sw-catalogs/infra-configs/osm-workflows/templates/wf-templates/building-blocks/git-wft.yaml
@@ -55,34 +55,30 @@ spec:
       source: |
         FULL_URL="{{inputs.parameters.repo_url}}"
         DESTINATION="{{inputs.parameters.destination_folder}}"
-        CLONE_URL=""
 
         echo "Cloning: ${FULL_URL} . . ."
 
         [[ -n "${DESTINATION}" ]] && mkdir -p "${DESTINATION}"
 
-        # Determine final clone URL
-        if [[ -z "${GIT_USER}" ]]; then
-          CLONE_URL="${FULL_URL}"
-        elif [[ -n "${GIT_PASS}" ]]; then
-          PROTOCOL=$(echo "${FULL_URL}" | awk -F '://' '{print $1}')
-          BASE_URL=$(echo "${FULL_URL}" | awk -F '://' '{print $2}')
-          CLONE_URL="${PROTOCOL}://${GIT_USER}@${BASE_URL}"
+        # Follow recommendation for user auth with git using a script git-creds.sh
+        cat << "EOF" > "${HOME}/git-creds.sh"
+        #!/bin/sh
+        if echo "$1" | grep -q '^Password'; then
+          echo "${GIT_PASS}"
         else
-          echo "ERROR: Malformed invocation."
-          echo "  FULL_URL=${FULL_URL}"
-          echo "  GIT_USER=${GIT_USER}"
-          echo "  DESTINATION=${DESTINATION}"
-          exit 1
+          echo "${GIT_USER}"
         fi
+        exit 0
+        EOF
+        chmod +x "${HOME}/git-creds.sh"
 
         # Clone
         mkdir -p /repos
         cd /repos
         if [[ -z "${DESTINATION}" ]]; then
-          echo -e "${GIT_PASS}\n" | git clone "${CLONE_URL}"
+          TTY=$(tty) GIT_USERNAME="${GIT_USER}" GIT_ASKPASS=~/git-creds.sh git clone "${FULL_URL}"
         else
-          echo -e "${GIT_PASS}\n" | git clone "${CLONE_URL}" "${DESTINATION}"
+          TTY=$(tty) GIT_USERNAME="${GIT_USER}" GIT_ASKPASS=~/git-creds.sh git clone "${FULL_URL}" "${DESTINATION}"
         fi
 
   - name: git-commit-merge-push
@@ -127,6 +123,18 @@ spec:
         MAIN_BRANCH="{{inputs.parameters.main_branch}}"
         DRY_RUN="{{inputs.parameters.dry_run}}"
 
+        # Follow recommendation for user auth with git using a script git-creds.sh
+        cat << "EOF" > "${HOME}/git-creds.sh"
+        #!/bin/sh
+        if echo "$1" | grep -q '^Password'; then
+          echo "${GIT_PASS}"
+        else
+          echo "${GIT_USER}"
+        fi
+        exit 0
+        EOF
+        chmod +x "${HOME}/git-creds.sh"
+
         # Go to the repo folder
         cd "${DESTINATION}"
 
@@ -147,7 +155,7 @@ spec:
         # Pull and merge branch
         git checkout ${MAIN_BRANCH}
         echo "Pulling latest commits from ${MAIN_BRANCH} branch (if any)..."
-        echo -e "${GIT_PASS}\n" | git pull
+        TTY=$(tty) GIT_USERNAME="${GIT_USER}" GIT_ASKPASS=~/git-creds.sh git pull
 
         echo "Merging branch ${CONTRIB_BRANCH} onto ${MAIN_BRANCH}..."
         git merge --no-ff "${CONTRIB_BRANCH}"
@@ -155,19 +163,7 @@ spec:
         if [[ "${DRY_RUN}" != "true" ]]
         then
           echo "Pushing..."
-          cat << "EOF" > "${HOME}/git-creds.sh"
-        #!/bin/sh
-        if echo "$1" | grep -q '^Password'; then
-          echo "${GIT_PASS}"
-        else
-          echo "${GIT_USER}"
-        fi
-        exit 0
-        EOF
-
-          chmod +x "${HOME}/git-creds.sh"
           TTY=$(tty) GIT_USERNAME="${GIT_USER}" GIT_ASKPASS=~/git-creds.sh git push origin "${MAIN_BRANCH}"
-
         else
           echo "DRY RUN - NO PUSH"
         fi