Re architecture token handling#1974
Merged
dscho merged 6 commits intomaingitgitgadget/gitgitgadget:mainfrom Aug 15, 2025
re-architecture-token-handlinggitgitgadget/gitgitgadget:re-architecture-token-handlingCopy head branch name to clipboard
Merged
Re architecture token handling#1974dscho merged 6 commits intomaingitgitgadget/gitgitgadget:mainfrom re-architecture-token-handlinggitgitgadget/gitgitgadget:re-architecture-token-handlingCopy head branch name to clipboard
dscho merged 6 commits intomaingitgitgadget/gitgitgadget:mainfrom
re-architecture-token-handlinggitgitgadget/gitgitgadget:re-architecture-token-handlingCopy head branch name to clipboard
Conversation
This is not yet used, but will come in really handy when moving GitGitGadget to a GitHub Action. No more fiddling with secrets in the Git config! Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Previously, the token was automagically looked up via the Git config. However, it is better to be less automagic about it, and pass it through from the `CIHelper` (who will learn about the token in the next commits). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
It is much better to be intentional about repository access, especially in the upcoming GitHub Action, instead of magically setting the tokens via a couple of config variables. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Member
Author
|
I'll push some updates shortly (to make this more comprehensive a business of configuring tokens explicitly). |
This continues the new paradigm where the token is _not_ specified via the Git config, but explicitly via a method of the `CIHelper` class. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
When merging #1473 (Add support for distributed notes updates), I did not anticipate that the current Azure Pipelines were not prepared for that: Contrary to what I had remembered, they did _not_ simply configure `http.extraHeader` to be able to push (which is somewhat surprising because I authored them, and I typically did that a lot in the olden days). Happily, I _just_ introduced support for configuring a token in `CIHelper` that is specifically used for accessing `gitgitgadget/git`, including the Git notes pushes. Let's teach `misc-helper` about this new trick, and pick up the token that was configured via `set-app-token` and tell `CIHelper` to use it. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
This completes the journey where the token is specified explicitly. If you (like I did, when developing this patch) wonder how it worked before: The Azure Pipelines set the `publishRemote` to a URL that contains the token (which is also the reason why we need stunts like the `redactGitHubToken()` method). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
1a4407b to
ae860c0
Compare
Member
Author
|
I'll just go ahead and merge this, as I think it will fix all those Azure Pipeline failures. |
Member
Author
dscho
added a commit
that referenced
this pull request
Aug 16, 2025
In #1974, I changed the way the push token is handed down from CIHelper to GitGitGadget instead of relying on the Git config (or environment) to specify it implicitly. Let's do the same for the URL of the repository to which to push the Git notes and patch series iterations' tags. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
dscho
added a commit
that referenced
this pull request
Aug 16, 2025
In #1974, I changed the way the push token is handed down from CIHelper to GitGitGadget instead of relying on the Git config (or environment) to specify it implicitly. Let's do the same for the URL of the repository to which to push the Git notes and patch series iterations' tags. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
dscho
added a commit
to dscho/gitgitgadget
that referenced
this pull request
Aug 16, 2025
In gitgitgadget#1974, I changed the way the push token is handed down from CIHelper to GitGitGadget instead of relying on the Git config (or environment) to specify it implicitly. Let's do the same for the URL of the repository to which to push the Git notes and patch series iterations' tags. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
dscho
added a commit
to dscho/gitgitgadget
that referenced
this pull request
Aug 17, 2025
In gitgitgadget#1974, I changed the way the push token is handed down from CIHelper to GitGitGadget instead of relying on the Git config (or environment) to specify it implicitly. Let's do the same for the URL of the repository to which to push the Git notes and patch series iterations' tags. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Contributor
|
@dscho Sorry I did not get a chance to comment on this. I did review it and had no issues but was looking at the |
Member
Author
That is true! However, I am unclear whether it should be possible to publish to a separate remote altogether (there is no real need to "pollute" |
dscho
added a commit
that referenced
this pull request
Aug 20, 2025
In #1974, I changed the way the push token is handed down from CIHelper to GitGitGadget instead of relying on the Git config (or environment) to specify it implicitly. Let's do the same for the URL of the repository to which to push the Git notes and patch series iterations' tags. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The primary motivation for this change is to move GitGitGadget towards a set of GitHub Actions that are used in GitHub workflows. The urgency comes from a secondary, originally unanticipated motivation: When I merged #1473, I broke the current Azure Pipelines (the fancy push-or-merge-and-push strategy does not work because the Azure Pipelines cannot push the Git notes to
gitgitgadget/gitdue to missing authorization).So here comes a set of changes to allow specifying the token(s) to use by
CIHelperin a much more intentional way. Previously, the idea was that the token to use was specified via the Git config optionsgitgitgadget.githubToken(andgitgitgadget.git.githubTokenforgit/git, where GitGitGadget requires less permissions; It does not need to push, just do things like adding PR comments). This still works, for backwards-compatibility (at least until I managed to move everything over to GitHub Actions/workflows), but now there is a much more explicit way to configure the tokens to use for specific GitHub rogs in theCIHelperobject. This new method is now also called frommisc-helper, which should fix the Azure Pipelines.