forked from HariSekhon/DevOps-Bash-tools
-
Notifications
You must be signed in to change notification settings - Fork 0
/
git_askpass.sh
executable file
·98 lines (76 loc) · 2.39 KB
/
git_askpass.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
#!/usr/bin/env bash
# vim:ts=4:sts=4:sw=4:et
# run: GIT_USERNAME=hari-s GIT_PASSWORD=testpass git_askpass.sh get
#
# Author: Hari Sekhon
# Date: 2022-08-24 15:35:06 +0100 (Wed, 24 Aug 2022)
#
# https://github.com/HariSekhon/DevOps-Bash-tools
#
# License: see accompanying Hari Sekhon LICENSE file
#
# If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish
#
# https://www.linkedin.com/in/HariSekhon
#
# https://git-scm.com/docs/gitcredentials
# https://git-scm.com/docs/git-credential
set -euo pipefail
# doesn't seem to pass through DEBUG environment variable when called via 'git credential fill' - will need to set -x explicitly
[ -n "${DEBUG:-}" ] && set -x
#set -x
usage(){
cat <<EOF
GIT_ASKPASS credential script to allow loading credentials from environment variables to Git dynamically
The \$GIT_ASKPASS environment variable should be set to the location of this script to have Git call it automatically
This program is designed to be called by the 'git' command in the form of:
git credential fill
Full example command:
echo url=https://github.com | GIT_ASKPASS=$0 git credential fill
which calls this script like so:
${0##*/} get
Environment variables used if available, in precedence order from left to right:
username = \$GIT_USERNAME, \$GIT_USER
password = \$GIT_TOKEN, \$GIT_PASSWORD
usage: ${0##*/} get
EOF
exit 3
}
if [ $# -ne 1 ] || [[ $* =~ - ]]; then
usage
fi
username_variables="
GIT_USERNAME
GIT_USER
"
password_variables="
GIT_TOKEN
GIT_PASSWORD
"
output_variable(){
local key="$1"
local variables="$2"
for var in $variables; do
if [ -n "${!var:-}" ]; then
echo "$key=${!var}"
break
fi
done
}
if [ "$1" = get ]; then
output_variable username "$username_variables"
output_variable password "$password_variables"
# have observed Git version 2.27.0 in ArgoCD calling the GIT_ASKPASS program twice with these 2 first arguments:
#
# 'Username for '\''https://github.com'\''
#
# and
#
# 'Password for '\''https://github.com'\''
#
# and then taking the entire first line returned as the value
elif [[ "$*" =~ Username ]]; then
output_variable username "$username_variables" | sed 's/^username=//'
elif [[ "$*" =~ Password ]]; then
output_variable password "$password_variables" | sed 's/^password=//'
fi