From 411e6145e8158ff8e1daa22018baceb6fb6cd5a4 Mon Sep 17 00:00:00 2001 From: "alexandre.laroche.exfo" Date: Tue, 22 Apr 2025 08:01:35 -0400 Subject: [PATCH 1/2] Handle ci/cd job token --- lib/verify.js | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/verify.js b/lib/verify.js index fdfc3b7f..244cf26c 100644 --- a/lib/verify.js +++ b/lib/verify.js @@ -54,17 +54,25 @@ export default async (pluginConfig, context) => { } if (gitlabToken && projectPath) { + let tokenHeader; let projectAccess; let groupAccess; logger.log("Verify GitLab authentication (%s)", gitlabApiUrl); + switch(true) { + case str.startsWith("glcbt-"): + tokenHeader = "JOB-TOKEN" + default: + tokenHeader = "PRIVATE-TOKEN" + } + try { ({ permissions: { project_access: projectAccess, group_access: groupAccess }, } = await got .get(projectApiUrl, { - headers: { "PRIVATE-TOKEN": gitlabToken }, + headers: { tokenHeader: gitlabToken }, ...proxy, }) .json()); From f33eacb1c3ef37e34fd20e0b1595469c046539fa Mon Sep 17 00:00:00 2001 From: "alexandre.laroche.exfo" Date: Tue, 22 Apr 2025 09:01:56 -0400 Subject: [PATCH 2/2] Handle ci/cd job token --- lib/fail.js | 3 ++- lib/get-token-header.js | 8 ++++++++ lib/publish.js | 3 ++- lib/success.js | 3 ++- lib/verify.js | 11 ++--------- test/helpers/mock-gitlab.js | 3 ++- 6 files changed, 18 insertions(+), 13 deletions(-) create mode 100644 lib/get-token-header.js diff --git a/lib/fail.js b/lib/fail.js index 05516313..1eb994f7 100644 --- a/lib/fail.js +++ b/lib/fail.js @@ -6,6 +6,7 @@ const debug = _debug("semantic-release:gitlab"); import resolveConfig from "./resolve-config.js"; import getFailComment from "./get-fail-comment.js"; import getProjectContext from "./get-project-context.js"; +import getTokenHeader from "./get-token-header.js" export default async (pluginConfig, context) => { const { @@ -28,7 +29,7 @@ export default async (pluginConfig, context) => { const { encodedProjectPath, projectApiUrl } = getProjectContext(context, gitlabUrl, gitlabApiUrl, repositoryUrl); const apiOptions = { - headers: { "PRIVATE-TOKEN": gitlabToken }, + headers: { [getTokenHeader(gitlabToken)]: gitlabToken }, retry: { limit: retryLimit }, }; diff --git a/lib/get-token-header.js b/lib/get-token-header.js new file mode 100644 index 00000000..622eb339 --- /dev/null +++ b/lib/get-token-header.js @@ -0,0 +1,8 @@ +export default (token) => { + switch(true) { + case token.startsWith("glcbt-"): + return "JOB-TOKEN" + default: + return "PRIVATE-TOKEN" + } +}; \ No newline at end of file diff --git a/lib/publish.js b/lib/publish.js index 3f92f7e4..19e62d54 100644 --- a/lib/publish.js +++ b/lib/publish.js @@ -12,6 +12,7 @@ import resolveConfig from "./resolve-config.js"; import getAssets from "./glob-assets.js"; import { RELEASE_NAME } from "./definitions/constants.js"; import getProjectContext from "./get-project-context.js"; +import getTokenHeader from "./get-token-header.js" const isUrlScheme = (value) => /^(https|http|ftp):\/\//.test(value); @@ -33,7 +34,7 @@ export default async (pluginConfig, context) => { const encodedVersion = encodeURIComponent(version); const apiOptions = { headers: { - "PRIVATE-TOKEN": gitlabToken, + [getTokenHeader(gitlabToken)]: gitlabToken, }, hooks: { beforeError: [ diff --git a/lib/success.js b/lib/success.js index 929b6b9e..6d30c89d 100644 --- a/lib/success.js +++ b/lib/success.js @@ -6,6 +6,7 @@ const debug = _debug("semantic-release:gitlab"); import resolveConfig from "./resolve-config.js"; import getProjectContext from "./get-project-context.js"; import getSuccessComment from "./get-success-comment.js"; +import getTokenHeader from "./get-token-header.js" export default async (pluginConfig, context) => { const { @@ -19,7 +20,7 @@ export default async (pluginConfig, context) => { resolveConfig(pluginConfig, context); const { projectApiUrl } = getProjectContext(context, gitlabUrl, gitlabApiUrl, repositoryUrl); const apiOptions = { - headers: { "PRIVATE-TOKEN": gitlabToken }, + headers: { [getTokenHeader(gitlabToken)]: gitlabToken }, retry: { limit: retryLimit }, }; diff --git a/lib/verify.js b/lib/verify.js index 244cf26c..1b3f9335 100644 --- a/lib/verify.js +++ b/lib/verify.js @@ -6,6 +6,7 @@ import AggregateError from "aggregate-error"; import resolveConfig from "./resolve-config.js"; import getProjectContext from "./get-project-context.js"; import getError from "./get-error.js"; +import getTokenHeader from "./get-token-header.js" const isNonEmptyString = (value) => isString(value) && value.trim(); const isStringOrStringArray = (value) => @@ -54,25 +55,17 @@ export default async (pluginConfig, context) => { } if (gitlabToken && projectPath) { - let tokenHeader; let projectAccess; let groupAccess; logger.log("Verify GitLab authentication (%s)", gitlabApiUrl); - switch(true) { - case str.startsWith("glcbt-"): - tokenHeader = "JOB-TOKEN" - default: - tokenHeader = "PRIVATE-TOKEN" - } - try { ({ permissions: { project_access: projectAccess, group_access: groupAccess }, } = await got .get(projectApiUrl, { - headers: { tokenHeader: gitlabToken }, + headers: { [getTokenHeader(gitlabToken)]: gitlabToken }, ...proxy, }) .json()); diff --git a/test/helpers/mock-gitlab.js b/test/helpers/mock-gitlab.js index d9c2eb7f..8a688c68 100644 --- a/test/helpers/mock-gitlab.js +++ b/test/helpers/mock-gitlab.js @@ -1,5 +1,6 @@ import nock from 'nock'; import urlJoin from 'url-join'; +import getTokenHeader from "./get-token-header.js" /** * Retun a `nock` object setup to respond to a GitLab authentication request. Other expectation and responses can be chained. @@ -22,5 +23,5 @@ export default function ( : null || '/api/v4', } = {} ) { - return nock(urlJoin(gitlabUrl, gitlabApiPathPrefix), {reqheaders: {'Private-Token': gitlabToken}}); + return nock(urlJoin(gitlabUrl, gitlabApiPathPrefix), {reqheaders: {[getTokenHeader(gitlabToken)]: gitlabToken}}); };