camh-
commented
4 years ago This has been done in https://github.com/foxygoat/git-scripts/pull/5
Closed camh- closed 4 years ago
camh-
commented
4 years ago This has been done in https://github.com/foxygoat/git-scripts/pull/5
Credential helpers provide authentication credentials for a credential context. A credential context is a host or repository specified in a git config file that says what username to use for that context - host or repository. However the man page for
gitcredentials(1)says under the CREDENTIAL CONTEXTS section:When we use GitHub we often want to to this because
https://example.com/baris reallyhttps://github.com/org. We may use different accounts for different organisations so we want to select credentials with a context of a subpath of a repository, which is explicitly not supported.We can get around this by writing a credential helper (see
git-credential(1)) that reads the host and path and then successively looks up shorter paths in the git config until it finds a matching context, and then chains to another git-credential helper substituting the username found in that context.For
storeanderaseoperations, we can pass straight through to the chained helper. Forgetoperations, we'll need to do this lookup.A sample git config fragment for how this would work:
This assumes the credential helper is called
subpath(git-credential-subpathas a program on the path), and you would normally use thestorecredential helper.If the repository
https://github.com/org1/repo1were being used, the credential context would behttps://github.com/as per git's built-in rules. When thesubpathhelper is called, it would look at the git config forhttps://github.com/org1(stripping/repofrom the path) to see if that exist. If it does, it takes the username from the config. If not, it keep stripping each component of the path until there are none left. If no matches at all, it just passes through the original request to the chained helper.