Open yaitskov opened 3 years ago
That sounds like a good idea. Maybe we can even unify this with the "template" feature used in e.g. URL templates (where <foo>
in a string is replaced with the value of the foo
attribute).
Some expression language (mustache?) supporting environment variables would help here a lot.
I would be hesitant to bring any expression language during the nix evaluation. It would add that language as a dependency to every niv user.
Then the next idea is implement the interpreter for the expression language in nix itself. That seems like a project in itself.
My proposal to solve this problem would be to add a system of mirror to niv and upgrade the template feature to support environment variable.
In you case, the first mirror would be the regular url ssh://git@gitlab.com/company/private-dep.git
and the second would be to modified url for the gitlab-ci ssh://gitlab-ci-token:<CI_JOB_TOKEN>@gitlab.com/company/private-dep.git
.
The biggest uncertainty of this approach is that we need to change each fetchers to support mirrors since I don't think we can do it generically in nix.
Specifically for HTTP fetches, libcurl reads the user's ~/.netcrc file for basic auth type credentials. Maybe Git is also respecting that file?
I'm thinking in terms of addressing the underlying issue.
Yes, git does respect netrc
On Sat, 14 Aug 2021 at 12:21, Jonas Chevalier @.***> wrote:
Specifically for HTTP fetches, libcurl reads the user's ~/.netcrc file for basic auth type credentials. Maybe Git is also respecting that file?
I'm thinking in terms of addressing the underlying issue.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/nmattia/niv/issues/321#issuecomment-898881494, or unsubscribe https://github.com/notifications/unsubscribe-auth/AACQTQP43MZV4ELQRWHTNETT4ZGTRANCNFSM45MDPAHA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&utm_campaign=notification-email .
-- Adrian Gierakowski
What about other https mirrors that need authentication in the form of cookies?
I spent a few days of integrating a cascade of CI for several projects on gitlab.
The issue is ssh authentication. Every git repo is private. gitlab has a hack - special user with token.
so if sources.json instead of:
would contain following:
then there is no hassle with ssh keys at all.
Some expression language (mustache?) supporting environment variables would help here a lot.