1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
|
From 26fb22ee6b075aacf849c128f54fad07a3b45316 Mon Sep 17 00:00:00 2001
From: Alyssa Ross <hi@alyssa.is>
Date: Mon, 29 Mar 2021 14:12:17 +0000
Subject: [PATCH] Support reading auth token from file descriptor
This is a quick hack:
* It would make more sense to use a command line argument than an
environment variable, because there's not really any sense
propagating this to children.
* `gh auth status' doesn't work.
---
internal/config/from_env.go | 26 +++++++++++++++++++++++++-
1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/internal/config/from_env.go b/internal/config/from_env.go
index 97a5e5b4..f2e758bc 100644
--- a/internal/config/from_env.go
+++ b/internal/config/from_env.go
@@ -2,13 +2,16 @@ package config
import (
"fmt"
+ "io"
"os"
+ "strconv"
"github.com/cli/cli/internal/ghinstance"
)
const (
GH_HOST = "GH_HOST"
+ GH_TOKEN_FD = "GH_TOKEN_FD"
GH_TOKEN = "GH_TOKEN"
GITHUB_TOKEN = "GITHUB_TOKEN"
GH_ENTERPRISE_TOKEN = "GH_ENTERPRISE_TOKEN"
@@ -84,7 +87,27 @@ func (c *envConfig) CheckWriteable(hostname, key string) error {
return c.Config.CheckWriteable(hostname, key)
}
+var tokenFromFd string
+
func AuthTokenFromEnv(hostname string) (string, string) {
+ if tokenFromFd != "" {
+ return tokenFromFd, GH_TOKEN_FD
+ }
+
+ if fd := os.Getenv(GH_TOKEN_FD); fd != "" {
+ if fd, err := strconv.ParseUint(fd, 10, 32); err == nil {
+ bytes := make([]byte, 40)
+ f := os.NewFile(uintptr(fd), "token")
+ defer f.Close()
+ if _, err := io.ReadFull(f, bytes); err == nil {
+ tokenFromFd = string(bytes)
+ return tokenFromFd, GH_TOKEN_FD
+ }
+ }
+
+ return "", GH_TOKEN_FD
+ }
+
if ghinstance.IsEnterprise(hostname) {
if token := os.Getenv(GH_ENTERPRISE_TOKEN); token != "" {
return token, GH_ENTERPRISE_TOKEN
@@ -101,7 +124,8 @@ func AuthTokenFromEnv(hostname string) (string, string) {
}
func AuthTokenProvidedFromEnv() bool {
- return os.Getenv(GH_ENTERPRISE_TOKEN) != "" ||
+ return os.Getenv(GH_TOKEN_FD) != "" ||
+ os.Getenv(GH_ENTERPRISE_TOKEN) != "" ||
os.Getenv(GITHUB_ENTERPRISE_TOKEN) != "" ||
os.Getenv(GH_TOKEN) != "" ||
os.Getenv(GITHUB_TOKEN) != ""
--
2.30.0
|