From dc1d2213dc8b83881507296a41a025d801d09529 Mon Sep 17 00:00:00 2001 From: Grant Linville Date: Fri, 12 Apr 2024 15:12:42 -0400 Subject: [PATCH 1/2] fix: credentials: don't store creds for local credential tools Signed-off-by: Grant Linville --- pkg/runner/runner.go | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/pkg/runner/runner.go b/pkg/runner/runner.go index 82f1f617..37b3b2a3 100644 --- a/pkg/runner/runner.go +++ b/pkg/runner/runner.go @@ -6,6 +6,7 @@ import ( "fmt" "os" "path/filepath" + "strings" "sync" "time" @@ -340,9 +341,18 @@ func (r *Runner) handleCredentials(callCtx engine.Context, monitor Monitor, env } for _, credToolName := range callCtx.Tool.Credentials { - cred, exists, err := store.Get(credToolName) - if err != nil { - return nil, fmt.Errorf("failed to get credentials for tool %s: %w", credToolName, err) + var ( + cred *credentials.Credential + exists bool + err error + ) + + // Only try to look up the cred if the tool is on GitHub. + if strings.HasPrefix(credToolName, "github.com") { + cred, exists, err = store.Get(credToolName) + if err != nil { + return nil, fmt.Errorf("failed to get credentials for tool %s: %w", credToolName, err) + } } // If the credential doesn't already exist in the store, run the credential tool in order to get the value, @@ -375,7 +385,7 @@ func (r *Runner) handleCredentials(callCtx engine.Context, monitor Monitor, env } // Only store the credential if the tool is on GitHub. - if callCtx.Program.ToolSet[credToolID].Source.Repo != nil { + if strings.HasPrefix(credToolName, "github.com") && callCtx.Program.ToolSet[credToolID].Source.Repo != nil { if err := store.Add(*cred); err != nil { return nil, fmt.Errorf("failed to add credential for tool %s: %w", credToolName, err) } From ed149e3bb74bcfcfc7806639f9789f88d23e98a5 Mon Sep 17 00:00:00 2001 From: Grant Linville Date: Fri, 12 Apr 2024 15:45:23 -0400 Subject: [PATCH 2/2] PR feedback Signed-off-by: Grant Linville --- pkg/runner/runner.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/pkg/runner/runner.go b/pkg/runner/runner.go index 37b3b2a3..7f5a57b7 100644 --- a/pkg/runner/runner.go +++ b/pkg/runner/runner.go @@ -348,7 +348,7 @@ func (r *Runner) handleCredentials(callCtx engine.Context, monitor Monitor, env ) // Only try to look up the cred if the tool is on GitHub. - if strings.HasPrefix(credToolName, "github.com") { + if isGitHubTool(credToolName) { cred, exists, err = store.Get(credToolName) if err != nil { return nil, fmt.Errorf("failed to get credentials for tool %s: %w", credToolName, err) @@ -385,7 +385,7 @@ func (r *Runner) handleCredentials(callCtx engine.Context, monitor Monitor, env } // Only store the credential if the tool is on GitHub. - if strings.HasPrefix(credToolName, "github.com") && callCtx.Program.ToolSet[credToolID].Source.Repo != nil { + if isGitHubTool(credToolName) && callCtx.Program.ToolSet[credToolID].Source.Repo != nil { if err := store.Add(*cred); err != nil { return nil, fmt.Errorf("failed to add credential for tool %s: %w", credToolName, err) } @@ -401,3 +401,7 @@ func (r *Runner) handleCredentials(callCtx engine.Context, monitor Monitor, env return env, nil } + +func isGitHubTool(toolName string) bool { + return strings.HasPrefix(toolName, "github.com") +}