@@ -49,6 +49,8 @@ BeforeEach(func() {
4949- ` CreateRepo(owner, name string, private bool) (url string, cleanup func(), err error) ` - Create repository
5050- ` CreateRandomRepo(owner string, private bool) (name, url string, cleanup func(), err error) ` - Create repo with random name
5151- ` CreateAccessToken(username, password, tokenName string) (string, error) ` - Generate access token
52+ - ` CreateSSHKey(username, password, title, publicKey string) error ` - Register SSH public key for user
53+ - ` SSHRepoURL(owner, repo string) (string, error) ` - Get SSH URL for a repository
5254
5355** E2E Helper Functions:**
5456- ` InitializeRepoWithFunction(url, user, pass, lang) ` - Clone, init function, push
@@ -90,12 +92,88 @@ DeferCleanup(cleanup)
9092// Create access token
9193token , err := repoProvider.CreateAccessToken (username, password, " test-token" )
9294
93- // Use token in Function spec
95+ // Create auth secret with token
96+ secret := &v1.Secret {
97+ ObjectMeta : metav1.ObjectMeta {
98+ GenerateName: " git-auth-" ,
99+ Namespace: functionNamespace,
100+ },
101+ Data : map [string ][]byte {
102+ " token" : []byte (token),
103+ },
104+ }
105+
106+ // Use in Function spec
107+ Spec: functionsdevv1alpha1.FunctionSpec {
108+ Repository : functionsdevv1alpha1.FunctionSpecRepository {
109+ URL: repoURL,
110+ AuthSecretRef: &v1.LocalObjectReference {
111+ Name: secret.Name ,
112+ },
113+ },
114+ }
115+ ```
116+
117+ ## Testing SSH Repositories
118+
119+ ``` go
120+ BeforeEach (func () {
121+ // Create user and HTTP repo as usual
122+ username , password , _ , cleanup , err := repoProvider.CreateRandomUser ()
123+ Expect (err).NotTo (HaveOccurred ())
124+ DeferCleanup (cleanup)
125+
126+ repoName , repoURL , cleanup , err := repoProvider.CreateRandomRepo (username, false )
127+ Expect (err).NotTo (HaveOccurred ())
128+ DeferCleanup (cleanup)
129+
130+ // Generate SSH keypair and register with Gitea
131+ keyDir , err := os.MkdirTemp (" " , " ssh-e2e-*" )
132+ Expect (err).NotTo (HaveOccurred ())
133+ DeferCleanup (os.RemoveAll , keyDir)
134+
135+ sshKeyPath := filepath.Join (keyDir, " id_ed25519" )
136+ cmd := exec.Command (" ssh-keygen" , " -t" , " ed25519" , " -f" , sshKeyPath, " -N" , " " , " -q" )
137+ _, err = utils.Run (cmd)
138+ Expect (err).NotTo (HaveOccurred ())
139+
140+ pubKeyBytes , err := os.ReadFile (sshKeyPath + " .pub" )
141+ Expect (err).NotTo (HaveOccurred ())
142+
143+ err = repoProvider.CreateSSHKey (username, password, " e2e-key" , string (pubKeyBytes))
144+ Expect (err).NotTo (HaveOccurred ())
145+
146+ sshRepoURL , err := repoProvider.SSHRepoURL (username, repoName)
147+ Expect (err).NotTo (HaveOccurred ())
148+
149+ // Initialize repo via HTTP (SSH is for the operator, not test setup)
150+ repoDir, err = utils.InitializeRepoWithFunction (repoURL, username, password, " go" )
151+ Expect (err).NotTo (HaveOccurred ())
152+ DeferCleanup (os.RemoveAll , repoDir)
153+ })
154+ ```
155+
156+ ### SSH Auth Secret
157+
158+ The operator authenticates SSH connections using a Kubernetes Secret with an ` sshPrivateKey ` field:
159+
160+ ``` go
161+ secret := &v1.Secret {
162+ ObjectMeta : metav1.ObjectMeta {
163+ GenerateName: " git-ssh-auth-" ,
164+ Namespace: functionNamespace,
165+ },
166+ Data : map [string ][]byte {
167+ " sshPrivateKey" : privateKeyBytes,
168+ },
169+ }
170+
171+ // Use in Function spec
94172Spec: functionsdevv1alpha1.FunctionSpec {
95- Source : functionsdevv1alpha1.FunctionSpecSource {
96- RepositoryURL: repoURL ,
97- Credentials : &functionsdevv1alpha1. Credentials {
98- Token: token ,
173+ Repository : functionsdevv1alpha1.FunctionSpecRepository {
174+ URL: sshRepoURL ,
175+ AuthSecretRef : &v1. LocalObjectReference {
176+ Name: secret. Name ,
99177 },
100178 },
101179}
0 commit comments