Release 2.0.0 — explicit monorepo_url, drop first-target-host inference
Breaking change. The monorepo's gitea host was previously inferred from the first target's subrepo_url, silently coupling the two and breaking on any multi-host setup (monorepo on host A, target on host B). v2.0.0 replaces the inference with a required josh.monorepo_url field that mirrors subrepo_url — same parsing, same SSH/HTTPS auth options, same shape. - schema_version: 2 is now required; v1 configs are rejected with a clear migration error - josh.monorepo_url is required; josh.monorepo_auth is optional (default https) - mono_auth_url() in lib/auth.sh mirrors subrepo_auth_url() - MONOREPO_API derives from monorepo_url's host instead of .[0].gitea_host; env-var override preserved as escape hatch - initial_import() and force-push call mono_auth_url() instead of building URLs inline - ADR-012 documents the rationale; CHANGELOG includes migration snippet Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
24
lib/auth.sh
24
lib/auth.sh
@@ -2,7 +2,8 @@
|
||||
# lib/auth.sh — Authenticated URLs, remote queries, and PR creation
|
||||
#
|
||||
# Requires: lib/core.sh and lib/config.sh sourced first
|
||||
# Expects: JOSH_PROXY_URL, MONOREPO_PATH, BOT_USER, GITEA_TOKEN, JOSH_FILTER,
|
||||
# Expects: JOSH_PROXY_URL, MONOREPO_PATH, MONOREPO_URL, MONOREPO_AUTH,
|
||||
# BOT_USER, GITEA_TOKEN, JOSH_FILTER,
|
||||
# SUBREPO_URL, SUBREPO_AUTH, SUBREPO_TOKEN (set by parse_config + load_target)
|
||||
|
||||
# ─── Josh-Proxy Auth URL ───────────────────────────────────────────
|
||||
@@ -29,13 +30,24 @@ subrepo_auth_url() {
|
||||
}
|
||||
|
||||
# ─── Monorepo Auth URL ─────────────────────────────────────────────
|
||||
# Derives a push-capable HTTPS URL from MONOREPO_API.
|
||||
# MONOREPO_API shape: https://<host>/api/v1/repos/<org/repo>
|
||||
# HTTPS: injects user:token into MONOREPO_URL (auto-converts git@ form to https)
|
||||
# SSH: returns bare MONOREPO_URL (auth via user's ssh-agent / ~/.ssh/config,
|
||||
# or via GIT_SSH_COMMAND if the caller wired one up for the monorepo host)
|
||||
|
||||
mono_auth_url() {
|
||||
local api_host_path
|
||||
api_host_path=$(echo "$MONOREPO_API" | sed 's|https://||; s|/api/v1/repos/|/|')
|
||||
echo "https://${BOT_USER}:${GITEA_TOKEN}@${api_host_path}.git"
|
||||
if [ "${MONOREPO_AUTH:-https}" = "ssh" ]; then
|
||||
echo "$MONOREPO_URL"
|
||||
else
|
||||
local https_url="$MONOREPO_URL"
|
||||
# Convert git@host:org/repo.git → https://host/org/repo.git so token injection works
|
||||
if [[ "$https_url" == git@* ]]; then
|
||||
https_url=$(echo "$https_url" | sed -E 's|^git@([^:]+):(.+)$|https://\1/\2|')
|
||||
elif [[ "$https_url" == ssh://* ]]; then
|
||||
https_url=$(echo "$https_url" | sed -E 's|^ssh://[^@]*@([^/]+)/(.+)$|https://\1/\2|')
|
||||
fi
|
||||
# shellcheck disable=SC2001
|
||||
echo "$https_url" | sed "s|https://|https://${BOT_USER}:${GITEA_TOKEN}@|"
|
||||
fi
|
||||
}
|
||||
|
||||
# ─── Remote Queries ─────────────────────────────────────────────────
|
||||
|
||||
Reference in New Issue
Block a user