From eeb00e5034d9cbcec633d5fa23b824eb275b16df Mon Sep 17 00:00:00 2001 From: Daniel Linsley Date: Thu, 25 Apr 2024 17:31:05 +0000 Subject: [PATCH] use basic auth for all request to artifactory if credentials are defined Signed-off-by: Daniel Linsley --- internal/component/artifactory.go | 36 ++++++++++++++------------ internal/component/artifactory_test.go | 8 +++--- 2 files changed, 25 insertions(+), 19 deletions(-) diff --git a/internal/component/artifactory.go b/internal/component/artifactory.go index bc21d268..f34c5b5e 100644 --- a/internal/component/artifactory.go +++ b/internal/component/artifactory.go @@ -80,9 +80,9 @@ func (ars *ArtifactoryReleaseSource) DownloadRelease(releaseDir string, remoteRe downloadURL += "/" + ars.Repo + "/" + remoteRelease.RemotePath ars.logger.Printf(logLineDownload, remoteRelease.Name, ReleaseSourceTypeArtifactory, ars.ID) - resp, err := ars.Client.Get(downloadURL) + resp, err := ars.getWithAuth(downloadURL) if err != nil { - return Local{}, wrapVPNError(err) + return Local{}, err } if resp.StatusCode != http.StatusOK { @@ -122,9 +122,10 @@ func (ars *ArtifactoryReleaseSource) DownloadRelease(releaseDir string, remoteRe func (ars *ArtifactoryReleaseSource) getFileSHA1(release cargo.BOSHReleaseTarballLock) (string, error) { fullURL := ars.ArtifactoryHost + "/api/storage/" + ars.Repo + "/" + release.RemotePath ars.logger.Printf("Getting %s file info from artifactory", release.Name) - resp, err := ars.Client.Get(fullURL) + + resp, err := ars.getWithAuth(fullURL) if err != nil { - return "", wrapVPNError(err) + return "", err } if resp.StatusCode != http.StatusOK { return "", fmt.Errorf("failed to get %s release info from artifactory with error code %d", release.Name, resp.StatusCode) @@ -157,15 +158,10 @@ func (ars *ArtifactoryReleaseSource) GetMatchedRelease(spec cargo.BOSHReleaseTar } fullUrl := fmt.Sprintf("%s/%s/%s/%s", ars.ArtifactoryHost, "api/storage", ars.Repo, remotePath) - request, err := http.NewRequest(http.MethodGet, fullUrl, nil) + response, err := ars.getWithAuth(fullUrl) if err != nil { return cargo.BOSHReleaseTarballLock{}, err } - - response, err := ars.Client.Do(request) - if err != nil { - return cargo.BOSHReleaseTarballLock{}, wrapVPNError(err) - } defer func() { _ = response.Body.Close() }() @@ -196,15 +192,11 @@ func (ars *ArtifactoryReleaseSource) FindReleaseVersion(spec cargo.BOSHReleaseTa fullUrl := fmt.Sprintf("%s/%s/%s/%s", ars.ArtifactoryHost, "api/storage", ars.Repo, path.Dir(remotePath)) - request, err := http.NewRequest(http.MethodGet, fullUrl, nil) + response, err := ars.getWithAuth(fullUrl) if err != nil { return cargo.BOSHReleaseTarballLock{}, err } - response, err := ars.Client.Do(request) - if err != nil { - return cargo.BOSHReleaseTarballLock{}, wrapVPNError(err) - } defer func() { _ = response.Body.Close() }() @@ -226,7 +218,7 @@ func (ars *ArtifactoryReleaseSource) FindReleaseVersion(spec cargo.BOSHReleaseTa } if err := json.Unmarshal(responseBody, &artifactoryFolderInfo); err != nil { - return cargo.BOSHReleaseTarballLock{}, fmt.Errorf("json from %s is malformed: %s", request.URL.Host, err) + return cargo.BOSHReleaseTarballLock{}, fmt.Errorf("json from %s is malformed: %s", response.Request.URL.Host, err) } semverPattern, err := regexp.Compile(`([-v])\d+(.\d+)*`) @@ -348,6 +340,18 @@ func (ars *ArtifactoryReleaseSource) pathTemplate() *template.Template { Parse(ars.ReleaseSourceConfig.PathTemplate)) } +func (ars *ArtifactoryReleaseSource) getWithAuth(url string) (*http.Response, error) { + request, err := http.NewRequest(http.MethodGet, url, nil) + if err != nil { + return nil, err + } + if ars.Username != "" { + request.SetBasicAuth(ars.Username, ars.Password) + } + response, err := ars.Client.Do(request) + return response, wrapVPNError(err) +} + type vpnError struct { wrapped error } diff --git a/internal/component/artifactory_test.go b/internal/component/artifactory_test.go index baab0545..2dddbbc9 100644 --- a/internal/component/artifactory_test.go +++ b/internal/component/artifactory_test.go @@ -66,16 +66,18 @@ var _ = Describe("interacting with BOSH releases on Artifactory", func() { Describe("read operations", func() { BeforeEach(func() { + requireAuth := requireBasicAuthMiddleware(correctUsername, correctPassword) + artifactoryRouter.Handler(http.MethodGet, "/api/storage/basket/bosh-releases/smoothie/9.9/mango/mango-2.3.4-smoothie-9.9.tgz", applyMiddleware(http.HandlerFunc(func(res http.ResponseWriter, _ *http.Request) { res.WriteHeader(http.StatusOK) // language=json _, _ = io.WriteString(res, `{"checksums": {"sha1": "some-sha"}}`) - }))) + }), requireAuth)) artifactoryRouter.Handler(http.MethodGet, "/api/storage/basket/bosh-releases/smoothie/9.9/mango", applyMiddleware(http.HandlerFunc(func(res http.ResponseWriter, _ *http.Request) { res.WriteHeader(http.StatusOK) // language=json _, _ = io.WriteString(res, `{"children": [{"uri": "/mango-2.3.4-smoothie-9.9.tgz", "folder": false}]}`) - }))) + }), requireAuth)) artifactoryRouter.Handler(http.MethodGet, "/artifactory/basket/bosh-releases/smoothie/9.9/mango/mango-2.3.4-smoothie-9.9.tgz", applyMiddleware(http.HandlerFunc(func(res http.ResponseWriter, _ *http.Request) { res.WriteHeader(http.StatusOK) f, err := os.Open(filepath.Join("testdata", "some-release.tgz")) @@ -84,7 +86,7 @@ var _ = Describe("interacting with BOSH releases on Artifactory", func() { } defer closeAndIgnoreError(f) _, _ = io.Copy(res, f) - }) /* put middleware here */)) + }), requireAuth)) }) When("the server has the a file at the expected path", func() { It("resolves the lock from the spec", func() { // testing GetMatchedRelease