interal/gapicgen: simplify auth
Removes the need for an ssh key, relying only on the access token. This
simplifies automating running these binaries significantly.
Change-Id: Ibb07df64b564eb8239016b08aa945f7fb5dc25df
Reviewed-on: https://code-review.googlesource.com/c/gocloud/+/49413
Reviewed-by: Noah Dietz <ndietz@google.com>
diff --git a/internal/gapicgen/cmd/genbot/Dockerfile b/internal/gapicgen/cmd/genbot/Dockerfile
index 805c31c..895522b 100644
--- a/internal/gapicgen/cmd/genbot/Dockerfile
+++ b/internal/gapicgen/cmd/genbot/Dockerfile
@@ -72,6 +72,7 @@
RUN echo -e '#!/bin/bash\n\
set -ex\n\
+echo "https://$GITHUB_USERNAME:$GITHUB_ACCESS_TOKEN@github.com" > ~/.git-credentials \n\
dockerd-entrypoint.sh &\n\
unset DOCKER_HOST\n\
go mod download & # download deps whilst we wait for dockerd to start \n\
@@ -79,11 +80,10 @@
docker ps\n\
docker pull googleapis/artman:latest & # download latest artman whilst we wait for genbot to start \n\
go run cloud.google.com/go/internal/gapicgen/cmd/genbot \
- --accessToken=$ACCESS_TOKEN \
+ --githubAccessToken=$GITHUB_ACCESS_TOKEN \
--githubUsername=$GITHUB_USERNAME \
--githubName="$GITHUB_NAME" \
--githubEmail=$GITHUB_EMAIL \
- --githubSSHKeyPath=$GITHUB_SSH_KEY_PATH \
--gerritCookieName=$GERRIT_COOKIE_NAME \
--gerritCookieValue=$GERRIT_COOKIE_VALUE \n\
' >> /run.sh
diff --git a/internal/gapicgen/cmd/genbot/README.md b/internal/gapicgen/cmd/genbot/README.md
index 1d8d5a3..130174f 100644
--- a/internal/gapicgen/cmd/genbot/README.md
+++ b/internal/gapicgen/cmd/genbot/README.md
@@ -10,22 +10,22 @@
## Running locally
-Note: this may change your ~/.gitconfig, ~/.gitcookies, and use up non-trivial
-amounts of space on your computer.
+Note: this may change your `~/.gitconfig`, `~/.gitcookies`, and use up
+non-trivial amounts of space on your computer.
1. Make sure you have all the tools installed listed in genlocal's README.md
-1. Create a fork of genproto for whichever github user you're going to be
- running as: https://github.com/googleapis/go-genproto/
-1. Run:
+2. Run:
```
+export GITHUB_USERNAME=jadekler
+export GITHUB_ACCESS_TOKEN=11223344556677889900aabbccddeeff11223344
+echo "https://$GITHUB_USERNAME:$GITHUB_ACCESS_TOKEN@github.com" > ~/.git-credentials
cd /path/to/internal/gapicgen
go run cloud.google.com/go/internal/gapicgen/cmd/genbot \
- --accessToken=11223344556677889900aabbccddeeff11223344 \
- --githubUsername=jadekler \
+ --githubAccessToken=$GITHUB_ACCESS_TOKEN \
+ --githubUsername=$GITHUB_USERNAME \
--githubName="Jean de Klerk" \
--githubEmail=deklerk@google.com \
- --githubSSHKeyPath=/path/to/.ssh/github_rsa \
--gerritCookieName=o \
--gerritCookieValue=<cookie>
```
@@ -42,12 +42,10 @@
docker build . -t genbot
docker run -t --rm --privileged \
-v `pwd`/../..:/gapicgen \
- -v /path/to/your/ssh/key/directory:/.ssh \
- -e "ACCESS_TOKEN=11223344556677889900aabbccddeeff11223344" \
+ -e "GITHUB_ACCESS_TOKEN=11223344556677889900aabbccddeeff11223344" \
-e "GITHUB_USERNAME=jadekler" \
-e "GITHUB_NAME=\"Jean de Klerk\"" \
-e "GITHUB_EMAIL=deklerk@google.com" \
- -e "GITHUB_SSH_KEY_PATH=/.ssh/name_of_your_github_rsa_file" \
-e "GERRIT_COOKIE_NAME=o" \
-e "GERRIT_COOKIE_VALUE=<cookie>" \
genbot
diff --git a/internal/gapicgen/cmd/genbot/genproto.go b/internal/gapicgen/cmd/genbot/genproto.go
index 38330e6..5596dc2 100644
--- a/internal/gapicgen/cmd/genbot/genproto.go
+++ b/internal/gapicgen/cmd/genbot/genproto.go
@@ -59,21 +59,15 @@
c := exec.Command("/bin/bash", "-c", `
set -ex
-git remote -v
-
-eval $(ssh-agent)
-ssh-add $GITHUB_KEY
-
-git remote add regen_remote $FORK_URL
-git checkout master
+git config credential.helper store # cache creds from ~/.git-credentials
git branch -D $BRANCH_NAME || true
-git push -d regen_remote $BRANCH_NAME || true
+git push -d origin $BRANCH_NAME || true
git add -A
git checkout -b $BRANCH_NAME
git commit -m "$COMMIT_TITLE" -m "$COMMIT_BODY"
-git push regen_remote $BRANCH_NAME
+git push origin $BRANCH_NAME
`)
c.Stdout = os.Stdout
c.Stderr = os.Stderr
@@ -81,18 +75,16 @@
c.Env = []string{
fmt.Sprintf("PATH=%s", os.Getenv("PATH")), // TODO(deklerk): Why do we need to do this? Doesn't seem to be necessary in other exec.Commands.
fmt.Sprintf("HOME=%s", os.Getenv("HOME")), // TODO(deklerk): Why do we need to do this? Doesn't seem to be necessary in other exec.Commands.
- fmt.Sprintf("FORK_URL=%s", fmt.Sprintf("git@github.com:%s/go-genproto.git", *githubUsername)),
fmt.Sprintf("COMMIT_TITLE=%s", genprotoCommitTitle),
fmt.Sprintf("COMMIT_BODY=%s", genprotoCommitBody),
fmt.Sprintf("BRANCH_NAME=%s", genprotoBranchName),
- fmt.Sprintf("GITHUB_KEY=%s", *githubSSHKeyPath),
}
c.Dir = genprotoDir
if err := c.Run(); err != nil {
return 0, err
}
- head := fmt.Sprintf("%s:%s", *githubUsername, genprotoBranchName)
+ head := fmt.Sprintf("googleapis:" + genprotoBranchName)
base := "master"
t := genprotoCommitTitle // Because we have to take the address.
b := genprotoCommitBody // Because we have to take the address.
@@ -136,13 +128,11 @@
c := exec.Command("/bin/bash", "-c", `
set -ex
-eval $(ssh-agent)
-ssh-add $GITHUB_KEY
+git config credential.helper store # cache creds from ~/.git-credentials
-git remote add amend_remote $FORK_URL
git checkout $BRANCH_NAME
git commit --amend -m "$COMMIT_TITLE" -m "$COMMIT_BODY"
-git push -f amend_remote $BRANCH_NAME
+git push -f origin $BRANCH_NAME
`)
c.Stdout = os.Stdout
c.Stderr = os.Stderr
@@ -150,11 +140,9 @@
c.Env = []string{
fmt.Sprintf("PATH=%s", os.Getenv("PATH")), // TODO(deklerk): Why do we need to do this? Doesn't seem to be necessary in other exec.Commands.
fmt.Sprintf("HOME=%s", os.Getenv("HOME")), // TODO(deklerk): Why do we need to do this? Doesn't seem to be necessary in other exec.Commands.
- fmt.Sprintf("FORK_URL=%s", fmt.Sprintf("git@github.com:%s/go-genproto.git", *githubUsername)),
fmt.Sprintf("COMMIT_TITLE=%s", genprotoCommitTitle),
fmt.Sprintf("COMMIT_BODY=%s", newBody),
fmt.Sprintf("BRANCH_NAME=%s", genprotoBranchName),
- fmt.Sprintf("GITHUB_KEY=%s", *githubSSHKeyPath),
}
c.Dir = genprotoDir
if err := c.Run(); err != nil {
diff --git a/internal/gapicgen/cmd/genbot/main.go b/internal/gapicgen/cmd/genbot/main.go
index 9e5dc7d..e2779d8 100644
--- a/internal/gapicgen/cmd/genbot/main.go
+++ b/internal/gapicgen/cmd/genbot/main.go
@@ -38,25 +38,23 @@
var (
toolsNeeded = []string{"git", "pip", "virtualenv", "python", "go", "protoc", "docker", "artman"}
- accessToken = flag.String("accessToken", "", "Get an access token at https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line")
+ githubAccessToken = flag.String("githubAccessToken", "", "Get an access token at https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line")
githubUsername = flag.String("githubUsername", "", "ex -githubUsername=jadekler")
githubName = flag.String("githubName", "", "ex -githubName=\"Jean de Klerk\"")
githubEmail = flag.String("githubEmail", "", "ex -githubEmail=deklerk@google.com")
- githubSSHKeyPath = flag.String("githubSSHKeyPath", "", "ex -githubSSHKeyPath=/Users/deklerk/.ssh/github_rsa")
gerritCookieName = flag.String("gerritCookieName", "", "ex: -gerritCookieName=o")
gerritCookieValue = flag.String("gerritCookieValue", "", "ex: -gerritCookieValue=git-your@email.com=SomeHash....")
usage = func() {
fmt.Fprintln(os.Stderr, `genbot \
- -accessToken=11223344556677889900aabbccddeeff11223344 \
+ -githubAccessToken=11223344556677889900aabbccddeeff11223344 \
-githubUsername=jadekler \
-githubEmail=deklerk@google.com \
-githubName="Jean de Klerk" \
- -githubSSHKeyPath=/Users/deklerk/.ssh/github_rsa \
-gerritCookieName=o \
-gerritCookieValue=git-your@email.com=SomeHash....
--accessToken
+-githubAccessToken
The access token to authenticate to github. Get this at https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line.
-githubUsername
@@ -68,9 +66,6 @@
-githubEmail
The email to use in the github commit.
--githubSSHKeyPath
- The ssh key to use in the github commit.
-
-gerritCookieName
The name of the cookie. Almost certainly "o".
@@ -87,11 +82,10 @@
flag.Parse()
for k, v := range map[string]string{
- "accessToken": *accessToken,
+ "accessToken": *githubAccessToken,
"githubUsername": *githubUsername,
"githubName": *githubName,
"githubEmail": *githubEmail,
- "githubSSHKeyPath": *githubSSHKeyPath,
"gerritCookieName": *gerritCookieName,
"gerritCookieValue": *gerritCookieValue,
} {
@@ -114,7 +108,7 @@
}
ts := oauth2.StaticTokenSource(
- &oauth2.Token{AccessToken: *accessToken},
+ &oauth2.Token{AccessToken: *githubAccessToken},
)
tc := oauth2.NewClient(ctx, ts)
githubClient := github.NewClient(tc)
diff --git a/internal/gapicgen/cmd/genmgr/README.md b/internal/gapicgen/cmd/genmgr/README.md
index 8fd6819..5ba9146 100644
--- a/internal/gapicgen/cmd/genmgr/README.md
+++ b/internal/gapicgen/cmd/genmgr/README.md
@@ -23,12 +23,12 @@
## Running locally
-Note: this may change your ~/.gitconfig and ~/.gitcookies.
+Note: this may change your `~/.gitconfig` and `~/.gitcookies`.
```
cd /path/to/internal/gapicgen
go run cloud.google.com/go/internal/gapicgen/cmd/genmgr \
- --accessToken=11223344556677889900aabbccddeeff11223344 \
+ --githubAccessToken=11223344556677889900aabbccddeeff11223344 \
--githubName="Jean de Klerk" \
--githubEmail=deklerk@google.com \
--gerritCookieName=o \
@@ -45,8 +45,7 @@
docker build . -t genmgr
docker run -t --rm --privileged \
-v `pwd`/../..:/gapicgen \
- -v /path/to/your/ssh/key/directory:/.ssh \
- -e "ACCESS_TOKEN=11223344556677889900aabbccddeeff11223344" \
+ -e "GITHUB_ACCESS_TOKEN=11223344556677889900aabbccddeeff11223344" \
-e "GITHUB_NAME=\"Jean de Klerk\"" \
-e "GITHUB_EMAIL=deklerk@google.com" \
-e "GERRIT_COOKIE_NAME=o" \
diff --git a/internal/gapicgen/cmd/genmgr/main.go b/internal/gapicgen/cmd/genmgr/main.go
index 5783201..617de45 100644
--- a/internal/gapicgen/cmd/genmgr/main.go
+++ b/internal/gapicgen/cmd/genmgr/main.go
@@ -38,7 +38,7 @@
gocloudReviewers = []string{"codyoss@google.com", "deklerk@google.com", "tbp@google.com", "cbro@google.com", "hongalex@google.com", "ndietz@google.com", "cjcotter@google.com"}
- accessToken = flag.String("accessToken", "", "Get an access token at https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line")
+ githubAccessToken = flag.String("githubAccessToken", "", "Get an access token at https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line")
githubName = flag.String("githubName", "", "ex -githubName=\"Jean de Klerk\"")
githubEmail = flag.String("githubEmail", "", "ex -githubEmail=deklerk@google.com")
gerritCookieName = flag.String("gerritCookieName", "", "ex: -gerritCookieName=o")
@@ -46,11 +46,11 @@
usage = func() {
fmt.Fprintln(os.Stderr, `genmgr \
- -accessToken=11223344556677889900aabbccddeeff11223344 \
+ -githubAccessToken=11223344556677889900aabbccddeeff11223344 \
-gerritCookieName=o \
-gerritCookieValue=git-your@email.com=SomeHash....
--accessToken
+-githubAccessToken
The access token to authenticate to github. Get this at https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line.
-githubName
@@ -75,7 +75,7 @@
flag.Parse()
for k, v := range map[string]string{
- "accessToken": *accessToken,
+ "githubAccessToken": *githubAccessToken,
"githubName": *githubName,
"githubEmail": *githubEmail,
"gerritCookieName": *gerritCookieName,
@@ -100,7 +100,7 @@
}
ts := oauth2.StaticTokenSource(
- &oauth2.Token{AccessToken: *accessToken},
+ &oauth2.Token{AccessToken: *githubAccessToken},
)
tc := oauth2.NewClient(ctx, ts)
githubClient := github.NewClient(tc)
