
Allow GitHub deploy with custom url and pat #5195

Open
bmo-at-a9s wants to merge 3 commits into cloudfoundry:develop from anynines:feature/allow-github-deploy-with-custom-url-and-pat


@bmo-at-a9s
Contributor

Description

The GitHub deployment flow currently only works with public repositories on github.com.
This PR introduces changes that make it possible to optionally supply a Personal Access Token to work with a private repository hosted on github.com, or both a PAT and a custom URL to enable deployments from GitHub Enterprise instances.

How Has This Been Tested?

The tests for the current GitHub flow cover this mostly already.
A staging deployment was used to verify that the additional fields work.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • Docs update
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have followed the guidelines in CONTRIBUTING.md, including the required formatting of the commit message

bmo-at-a9s and others added 3 commits August 19, 2025 14:44
…tstream (#172)

* pass gh token all the way down to backend properly

* camel case access token

* implement PR feedback

norman-abramovitz added a commit that referenced this pull request Apr 13, 2026
Ports upstream PR #5195 (author: Jan-Robin Aumann) to modern Stratos
patterns on feature/Angular-21.

Before this port, Stratos' "deploy from GitHub" wizard only worked
against public repositories on github.com. Customers on GitHub
Enterprise or with private github.com repos had no path through the UI.
This port adds two optional inputs to step 2 of the deploy wizard:

  - GitHub Enterprise URL — base URL of a GHE instance (validated)
  - GitHub Access Token   — optional PAT for private repos

Backend (clean port of the cfapppush plugin):
  - types.go — GitSCMSourceInfo gains AccessToken, CloneDetails gains
    AccessToken. Typo fix: upstream used `AcccessToken` (3 c's); fixed
    here to `AccessToken` (JSON tag was already correct).
  - deploy.go — threads AccessToken from the websocket message into
    CloneDetails and into GetVCS(withAccessToken(...)).
  - vcs.go — functional-options pattern on GetVCS. Access-token URL
    rewriting moved into vcsCmd.Create itself (upstream did it at the
    call site) so it can't be bypassed. GetVCS() also returns a fresh
    struct per call to avoid concurrent callers racing on a mutated
    package-level prototype.

Frontend — modern Angular patterns:
  - deploy-application-step2.component.html — two new inputs in the
    existing form-field pattern (not mat-form-field). The access-token
    input uses type="password" + autocomplete="off" so browsers won't
    offer to save it. Error surfaces via Tailwind class, not mat-error.
  - deploy-application-step2.component.ts — new applyGithubEnterpriseAndToken()
    helper hooked into the existing valueChanges pipeline via tap().
    URL validation uses `new URL(...)` in try/catch. No-op when the
    active SCM is not GitHub (GitLab path stays untouched).
  - github-project-exists.directive.ts — renamed helper to
    getTypeAndEndpointWithAuth(), now expects 3 comma-separated parts
    (type,endpoint,token).
  - scm-base.ts, github-scm.ts, scm.service.ts — plumbing to carry
    HttpOptions with an Authorization header through every GitHub API
    call (repos, branches, commits, search).
  - @stratosui/git public_api now re-exports BaseSCM and GitHubSCM so
    consumers can call setAccessToken/setPublicApi without deep imports.
  - deploy-application-deployer.ts, deploy-application.types.ts — thread
    accessToken through the GitSCMSourceInfo envelope so it reaches the
    jetstream backend.
  - github-commits-list-config-deploy.service.ts — passes access token
    through when instantiating the SCM for the commits list.

Security notes: the PAT is a user secret of similar sensitivity to the
UAA token. It's sent over TLS, never persisted server-side, and used
only in-memory during the clone. The embedded-in-URL form (required by
git's CLI) means it briefly appears in the git process arguments —
visible to anyone with shell access inside the jetstream container.
Upstream limitation, documented here for future readers.

Co-authored-by: Jan-Robin Aumann <jaumann@anynines.com>

norman-abramovitz added a commit that referenced this pull request Apr 13, 2026
Covers the two pieces of novel backend logic added in the recent port
batch (PR 5169 + PR 5195).

auth_test.go:
  - TestRetrieveToken — success case. Mirrors TestVerifySession's mock
    plumbing (setupHTTPTest, sqlmock, InitStratosAuthService) to stub a
    signed-session user_id/exp and verify the handler returns an
    AuthTokenEnvelope containing the decrypted TokenRecord.
  - TestRetrieveTokenNoSessionDate — error path. Omits "exp" from the
    session so GetSessionInt64Value fails, and verifies the handler
    writes an error envelope (status:"error", data:null) rather than
    propagating the error to echo.

vcs.go:
  - Extracted the access-token URL rewrite logic from Create() into
    vcsCmd.repoWithToken(repo). Create() now delegates to it. Pure
    refactor — no behavioural change — done so the rewrite can be
    unit-tested without shelling out to a real git binary.

vcs_test.go (new file, six tests):
  - TestRepoWithToken_NoTokenReturnsURLUnchanged — no-op when token empty
  - TestRepoWithToken_EmbedsTokenAsBasicAuth — PAT injected as
    x-access-token basic-auth userinfo
  - TestRepoWithToken_InvalidURLReturnsError — malformed URL surfaces
    a wrapped parse error
  - TestRepoWithToken_SpecialCharactersInTokenEscaped — tokens
    containing @, :, / must be percent-encoded so they don't prematurely
    terminate the userinfo section. This is the class of bug that would
    silently point git at the wrong host.
  - TestGetVCS_ReturnsFreshCopyNotPrototype — confirms GetVCS() returns
    a copy of the package-level vcsGit prototype rather than the
    prototype itself, so concurrent callers can't race on a mutated
    accessToken field. Directly exercises the concurrency fix that
    deviated from upstream PR #5195's GetVCS implementation.
  - TestGetVCS_WithAccessTokenOption — confirms the functional-options
    pattern actually applies the token to the returned struct and
    preserves the prototype's other fields.
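
A sketch of the vcs.go behaviour the two commit messages above describe, added here as an example and not taken from the Stratos code base: GetVCS copies a package-level prototype before applying functional options, and repoWithToken embeds the PAT as percent-encoded x-access-token userinfo. The struct fields, function bodies, host name and token value are assumptions constructed for illustration.

```go
package main

import (
	"fmt"
	"net/url"
)

// vcsCmd is a cut-down stand-in for the struct named in the commit
// message; the fields shown here are assumptions.
type vcsCmd struct {
	name        string
	cmd         string
	accessToken string
}

// Package-level prototype. It is never handed out directly.
var vcsGit = vcsCmd{name: "Git", cmd: "git"}

type vcsOption func(*vcsCmd)

func withAccessToken(token string) vcsOption {
	return func(v *vcsCmd) { v.accessToken = token }
}

// GetVCS copies the prototype, so options only ever mutate the caller's
// own instance and concurrent callers cannot see each other's token.
func GetVCS(opts ...vcsOption) *vcsCmd {
	v := vcsGit // value copy of the prototype
	for _, opt := range opts {
		opt(&v)
	}
	return &v
}

// repoWithToken returns repo unchanged when no token is set; otherwise it
// sets the token as basic-auth userinfo. net/url percent-encodes '@', ':'
// and '/' in the password, so the token cannot end the userinfo early.
func (v *vcsCmd) repoWithToken(repo string) (string, error) {
	if v.accessToken == "" {
		return repo, nil
	}
	u, err := url.Parse(repo)
	if err != nil {
		return "", fmt.Errorf("parse repo URL: %w", err)
	}
	u.User = url.UserPassword("x-access-token", v.accessToken)
	return u.String(), nil
}

func main() {
	v := GetVCS(withAccessToken("p@ss:w/d")) // constructed token
	s, err := v.repoWithToken("https://ghe.example.test/org/app.git")
	fmt.Println(s, err)
}
```

The rewritten URL still carries the secret, so anything that logs it should use `(*url.URL).Redacted()` rather than `String()`.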