Skip to content

Commit 279d636

Browse files
Ru13enzakisk
authored andcommitted
feat(bitbucketdatacenter): allow service accounts to not require user in the set client
1 parent 529a725 commit 279d636

2 files changed

Lines changed: 48 additions & 11 deletions

File tree

pkg/provider/bitbucketdatacenter/bitbucketdatacenter.go

Lines changed: 22 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -276,9 +276,6 @@ func removeLastSegment(urlStr string) string {
276276
}
277277

278278
func (v *Provider) SetClient(ctx context.Context, run *params.Run, event *info.Event, repo *v1alpha1.Repository, _ *events.EventEmitter) error {
279-
if event.Provider.User == "" {
280-
return fmt.Errorf("no spec.git_provider.user has been set in the repo crd")
281-
}
282279
if event.Provider.Token == "" {
283280
return fmt.Errorf("no spec.git_provider.secret has been set in the repo crd")
284281
}
@@ -317,12 +314,31 @@ func (v *Provider) SetClient(ctx context.Context, run *params.Run, event *info.E
317314
v.run = run
318315
v.repo = repo
319316
v.triggerEvent = event.EventType
320-
_, resp, err := v.Client().Users.FindLogin(ctx, event.Provider.User)
317+
318+
var resp *scm.Response
319+
var err error
320+
if event.Provider.User != "" {
321+
_, resp, err = v.Client().Users.FindLogin(ctx, event.Provider.User)
322+
} else {
323+
if repo == nil {
324+
return fmt.Errorf("repository object is nil")
325+
}
326+
in := &scm.Request{
327+
Method: "GET",
328+
Path: repo.Spec.URL,
329+
Header: nil, // transport will inject Authorization header
330+
Body: nil,
331+
}
332+
resp, err = v.Client().Do(ctx, in)
333+
}
321334
if resp != nil && resp.Status == http.StatusUnauthorized {
322-
return fmt.Errorf("cannot get user %s with token: %w", event.Provider.User, err)
335+
if event.Provider.User != "" {
336+
return fmt.Errorf("failed validation of user %s with provided token: %w", event.Provider.User, err)
337+
}
338+
return fmt.Errorf("token validation failed: unauthorized")
323339
}
324340
if err != nil {
325-
return fmt.Errorf("cannot get user %s: %w", event.Provider.User, err)
341+
return fmt.Errorf("user validation failed with: %w", err)
326342
}
327343

328344
return nil

pkg/provider/bitbucketdatacenter/bitbucketdatacenter_test.go

Lines changed: 26 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@ import (
1515
"testing"
1616
"time"
1717

18+
"github.com/openshift-pipelines/pipelines-as-code/pkg/apis/pipelinesascode/v1alpha1"
1819
"github.com/openshift-pipelines/pipelines-as-code/pkg/params"
1920
"github.com/openshift-pipelines/pipelines-as-code/pkg/params/clients"
2021
"github.com/openshift-pipelines/pipelines-as-code/pkg/params/info"
@@ -309,13 +310,14 @@ func TestSetClient(t *testing.T) {
309310
name string
310311
apiURL string
311312
opts *info.Event
313+
repo *v1alpha1.Repository
312314
wantErrSubstr string
313315
muxUser func(w http.ResponseWriter, r *http.Request)
314316
}{
315317
{
316-
name: "bad/no username",
318+
name: "bad/no token",
317319
opts: info.NewEvent(),
318-
wantErrSubstr: "no spec.git_provider.user",
320+
wantErrSubstr: "no spec.git_provider.secret",
319321
},
320322
{
321323
name: "bad/no secret",
@@ -350,7 +352,26 @@ func TestSetClient(t *testing.T) {
350352
_, _ = w.Write([]byte(`{"errors": [{"message": "Unauthorized"}]}`))
351353
},
352354
apiURL: "https://foo.bar/rest",
353-
wantErrSubstr: "cannot get user foo with token",
355+
wantErrSubstr: "failed validation of user foo with provided token: Unauthorized",
356+
},
357+
{
358+
name: "bad/invalid secret",
359+
opts: &info.Event{
360+
Provider: &info.Provider{
361+
Token: "bar",
362+
URL: "https://foo.bar",
363+
},
364+
},
365+
repo: &v1alpha1.Repository{
366+
Spec: v1alpha1.RepositorySpec{
367+
URL: "rest/api/1.0/users/foo",
368+
},
369+
},
370+
muxUser: func(w http.ResponseWriter, _ *http.Request) {
371+
w.WriteHeader(http.StatusUnauthorized)
372+
},
373+
apiURL: "https://foo.bar",
374+
wantErrSubstr: "token validation failed: unauthorized",
354375
},
355376
{
356377
name: "bad/unknown error",
@@ -366,7 +387,7 @@ func TestSetClient(t *testing.T) {
366387
_, _ = w.Write([]byte(`{"errors": [{"message": "Internal Server Error"}]}`))
367388
},
368389
apiURL: "https://foo.bar/rest",
369-
wantErrSubstr: "cannot get user foo: Internal Server Error",
390+
wantErrSubstr: "user validation failed with: Internal Server Error",
370391
},
371392
{
372393
name: "good/url append /rest",
@@ -399,7 +420,7 @@ func TestSetClient(t *testing.T) {
399420
mux.HandleFunc("/users/foo", tt.muxUser)
400421
}
401422
v := &Provider{client: client, baseURL: tURL}
402-
err := v.SetClient(ctx, fakeRun, tt.opts, nil, nil)
423+
err := v.SetClient(ctx, fakeRun, tt.opts, tt.repo, nil)
403424
if tt.wantErrSubstr != "" {
404425
assert.ErrorContains(t, err, tt.wantErrSubstr)
405426
return

0 commit comments

Comments
 (0)