1
0
mirror of https://github.com/openSUSE/osc.git synced 2024-11-15 08:36:13 +01:00
Commit Graph

299 Commits

Author SHA1 Message Date
4b5534b070 Load empty optional configuration values as 'None' 2023-09-25 10:15:52 +02:00
1a42b7a2c9 Fix validating configuration by wrapping password into Password object 2023-09-13 14:25:47 +02:00
848f5fe48f Switch 'osc.conf.config' from dict to Options class with type checking 2023-09-11 21:14:45 +02:00
Tammo Oepkes
b9014ccd56
Fix api_host_options for custom CAs (#1403) 2023-09-11 21:06:34 +02:00
4255711344 Implement 'exclude_files' and 'include_files' config options that allow skipping files in the 'checkout' command
Examples:
    osc checkout --setopt='include_files=*.spec *.changes'
    osc checkout --setopt='exclude_files=*.tar.* *.obscpio'
2023-08-30 11:28:30 +02:00
f9dc3122f9 Add more config options among integer options 2023-08-15 14:29:18 +02:00
9ec1b24c2e Add '--setopt' option for setting config options from the command-line 2023-07-17 09:15:28 +02:00
5f912a8d7d conf: Display apiurl when asking for a username or a password 2023-04-11 11:25:24 +02:00
cf6e33a59b conf: If apiurl is not set in interactive_config_setup(), use apiurl from DEFAULTS 2023-04-11 11:11:25 +02:00
a25ea8d175 conf: Do not error out if oscrc is owned by another user 2023-04-03 08:59:25 +02:00
7c826dc605 conf: Fix a cut&paste error in setting 'disable_hdrmd5_check' config option
This set credentials_mgr_class to 'False', which caused
TransientCredentialsManager to ask for a password even when doing ssh auth.
2023-03-17 14:13:21 +01:00
0ad39a9ec9 build: New option 'disable_hdrmd5_check' to ignore hdrmd5 mismatches 2023-02-21 14:53:08 +01:00
2a9edeec5b conf: Change how api_host_options determine option types
The _integer_opts and _boolean_opts specify option types for both
global options as well as api_host_options
2023-02-21 14:42:30 +01:00
Dirk Müller
adb1a9b4ef mark boolean and integer_opts as private
It is unused elsewhere, and only used for unit-testing
2022-12-01 10:05:32 +01:00
7e67269b74 Replace 'if not <cond> in ...' with 'if <cond> not in ...' 2022-09-12 14:15:34 +02:00
fe59986e1c Run autopep8 to fix whitespace issues 2022-09-12 13:45:19 +02:00
b511be20ff Always import at the toplevel 2022-09-12 13:45:19 +02:00
ff63226c2f Properly test for None 2022-09-09 09:33:51 +02:00
b55384a914 Fix undefined variable in conf.apply_option_types() 2022-09-09 09:33:51 +02:00
a5b8729f2f Fix usage of super() 2022-09-09 09:33:51 +02:00
f8a8c9c91c Print user and apiurl when prompting for a password
It's not a good idea to send a password to a different server
than it belongs. Now the server identity is obvious.
2022-09-08 10:51:04 +02:00
3d8efe2d15 ssh auth: Avoid password prompt when using TransientCredentialsManager 2022-09-06 12:49:47 +02:00
ed5def96ba Remove deprecated 'plaintext_passwd' config option 2022-08-25 13:20:25 +02:00
41ceb4b5f8 Remove deprecated 'GnomeKeyringCredentialsManager' and related code 2022-08-25 13:20:25 +02:00
b306bf0b91 Convert defaults to their expected types
Fixes problems in reading conf values before the configuration
is fully initialized.
2022-08-22 15:08:49 +02:00
6cb7412749 Remove duplicated --debug and --verbose options
Additional changes:
* rename getbinaries --debug to --debuginfo to avoid conflicts
* switch conf['verbose'] from int to bool

The changes were needed because the new argparser behaves differently
and commands such as `osc ls` ran in verbose mode by default.
2022-08-12 10:06:00 +02:00
e469c2c184
Merge pull request #1041 from AdamMajer/master
Add support for project separator
2022-08-12 10:03:23 +02:00
229913a77f Clean imports up, drop python 2 fallbacks 2022-07-28 13:17:43 +02:00
0d701556f2 Warn when using HTTP connection. Make HTTPS the default.
It is possible to omit protocol in -A/--apiurl now,
because https:// is the default.
2022-07-27 11:15:21 +02:00
93bc0e4731 Switch http_request() to urllib3
Use connection pools for better performance.
Replace M2Crypto with cryptography and urllib3's ssl context.
2022-07-27 11:15:21 +02:00
4deaf2b9c3
Merge pull request #1077 from abitrolly/relconf
Fix failure to create config in current dir
2022-07-26 09:37:29 +02:00
Anatoli Babenia
6a9398a97b Fix failure to create config in current dir
This uses exception based protection from parallel execution
https://github.com/openSUSE/osc/pull/1077#discussion_r928976845
2022-07-26 09:04:15 +03:00
9786aafa51 Update list of considered file names for ssh key autodetection
The file names come from ssh(1) man page.
2022-07-25 17:54:43 +02:00
f83e9a23d5
Merge pull request #1074 from dmach/pr1049-v2
RFC: ssh: recognize gpg keys (yubikey usage)
2022-07-25 13:52:31 +02:00
a7e5e12c5a Allow users to prefer ssh key over password auth
If `sshkey` config option is set, then osc prefers it over password auth.
If `sshkey` config option is not set and the server supports both basic
and signature auth, basic auth is used and ssh key is NOT auto-detected.

Users who want to use ssh auth with ssh key auto-detection can now leave
the `pass` config option empty to trigger ssh key auto-detection.

The ssh-key autodetection picks the first key that matches:
- key loaded to ssh-agent (`ssh-add -l`) that has a public key in ~/.ssh
- ~/.ssh/{id_ed25519,id_rsa}

It is also recommended to use Obfuscated or Plaintext credentials manager.
Please be aware that storing passwords using these credentials managers
is unsafe, because they're stored in plain text on disk.

Example:

    [<apiurl>]
    user=<username>
    pass=
    # ssh key is auto-detected because `pass` is empty
    sshkey=
    credentials_mgr_class=osc.credentials.ObfuscatedConfigFileCredentialsManager
2022-07-22 08:20:44 +02:00
Martin Wilck
870d861b61 ssh: recognize gpg keys (yubikey usage)
When using ssh keys from gpg, there are no private key files on
disk. The public keys are available from "ssh-add -L". Conveniently,
users store the public keys in some ".pub" file under ~/.ssh
(see e.g. https://serverfault.com/questions/906871/force-the-use-of-a-gpg-key-as-an-ssh-key-for-a-given-server;
this is also necessary to use IdentityFile= in ssh itself).

Thus public key files can't be ignored any more in list_ssh_dir_keys().
"ssh-keygen -Y sign" works nicely with a public key file if the agent
has access to the private key.
2022-07-11 13:08:34 +02:00
Adam Majer
c4c2d2a933 Add project_separator to config file
This allows for arbitrary string to be used as a project
separator instead of restricting oneself to : or directory
structure.

Fixes: #1024
2022-07-04 15:05:05 +02:00
lethliel
d9e2d958c1 declare OscHTTPSignatureAuthHandler as a new-style class
remove illegal character in comment
2022-06-14 14:27:48 +02:00
dec6f7135d
Merge pull request #1043 from dirkmueller/download_url_quoting
Fix quoting of download urls
2022-06-02 13:28:59 +02:00
1715163166
Merge pull request #994 from dmach/update-sphinx-configuration
Update Sphinx configuration
2022-06-02 10:09:38 +02:00
1f8fc339de
ssh key authentification fixes
- do not crash when having binary files in ~/.ssh
- support also RSA key setups
2022-06-01 16:23:02 +02:00
Marco Strigl
c3d535c3b2
Merge pull request #1012 from adrianschroeter/obs_git
initial obs-git support
2022-05-24 11:39:45 +02:00
Michael Schroeder
badcfc283c Remove no longer used modules 2022-05-23 11:23:13 +02:00
Michael Schroeder
b8f76f7990 OscHTTPSignatureAuthHandler: try to guess ssh key from the keys added to ssh-agent
Based on a patch by Daniel Mach
2022-05-23 11:23:05 +02:00
Dirk Müller
b7ed6534eb
trailing whitespace cleanup 2022-05-20 12:00:44 +02:00
mls
0b826613d9
Integrate signature authentication in the OscHTTPAuthHandler 2022-05-06 16:30:15 +02:00
mls
99ba3719c7
Add support for the Signature authentication scheme
See https://tools.ietf.org/id/draft-cavage-http-signatures-12.html
2022-05-06 16:29:58 +02:00
c875ca2886
initial obs-git support
* init command is working inside of a git repository
* downloadassets command fetches references assets from build description
* checkout is cloning from git
2022-04-29 09:59:13 +02:00
mls
e47a265388
Allow to configure a ssh key in the config
We support a global key and a key specific to an apiurl.
2022-04-27 11:36:20 +02:00
mls
119ffd6027
Rename OscHTTPBasicAuthHandler to OscHTTPAuthHandler
We'll support more than one auth scheme in the future.
2022-04-27 11:36:20 +02:00