From 70ea0a785b2626be2729f78d150a67ac25050377 Mon Sep 17 00:00:00 2001 From: Andrea Restle-Lay Date: Fri, 21 Feb 2025 16:10:22 -0500 Subject: [PATCH] =?UTF-8?q?revert=20change=20made=20to=20allow=20UI=20to?= =?UTF-8?q?=20accept=20x-access-token,=20just=20use=20htt=E2=80=A6=20(#158?= =?UTF-8?q?51)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit revert change made to allow UI to accept x-access-token, just use https:// instead --- awx/main/tests/unit/utils/test_common.py | 6 +++--- awx/main/utils/common.py | 19 ++++++------------- 2 files changed, 9 insertions(+), 16 deletions(-) diff --git a/awx/main/tests/unit/utils/test_common.py b/awx/main/tests/unit/utils/test_common.py index 50f423b2d9d8..e38543ead53b 100644 --- a/awx/main/tests/unit/utils/test_common.py +++ b/awx/main/tests/unit/utils/test_common.py @@ -247,7 +247,7 @@ def test_extract_ansible_vars(): True, True, False, - ValueError('Username must be "git" or "x-access-token" (for github app) for SSH access to github.com.'), + ValueError('Username must be "git" for SSH access to github.com.'), ), ( 'git', @@ -256,7 +256,7 @@ def test_extract_ansible_vars(): True, True, False, - ValueError('Username must be "git" or "x-access-token" (for github app) for SSH access to bitbucket.org.'), + ValueError('Username must be "git" for SSH access to bitbucket.org.'), ), ( 'git', @@ -265,7 +265,7 @@ def test_extract_ansible_vars(): True, True, False, - ValueError('Username must be "git" or "x-access-token" (for github app) for SSH access to altssh.bitbucket.org.'), + ValueError('Username must be "git" for SSH access to altssh.bitbucket.org.'), ), ('git', 'git:password@github.com:ansible/awx.git', True, True, True, False, 'git+ssh://git@github.com/ansible/awx.git'), # Disabling the special handling should not raise an error diff --git a/awx/main/utils/common.py b/awx/main/utils/common.py index af28df0a8196..2f45bb7c8fed 100644 --- a/awx/main/utils/common.py +++ b/awx/main/utils/common.py @@ -329,19 +329,12 @@ def update_scm_url(scm_type, url, username=True, password=True, check_special_ca # Special handling for github/bitbucket SSH URLs. if check_special_cases: - special_hosts = ('github.com', 'bitbucket.org', 'altssh.bitbucket.org') - allowed_git_usernames = {'git', 'x-access-token'} - - if scm_type == 'git' and parts.scheme.endswith('ssh'): - is_github_host = parts.hostname in special_hosts or parts.hostname.endswith('.github.com') - is_bitbucket_host = parts.hostname in special_hosts or parts.hostname.endswith('.bitbucket.com') or 'bitbucket' in parts.hostname - - if is_github_host and netloc_username not in allowed_git_usernames: - raise ValueError(_('Username must be "git" or "x-access-token" (for github app) for SSH access to %s.') % parts.hostname) - - if (is_github_host or is_bitbucket_host) and netloc_password: - # raise ValueError('Password not allowed for SSH access to %s.' % parts.hostname) - netloc_password = '' + special_git_hosts = ('github.com', 'bitbucket.org', 'altssh.bitbucket.org') + if scm_type == 'git' and parts.scheme.endswith('ssh') and parts.hostname in special_git_hosts and netloc_username != 'git': + raise ValueError(_('Username must be "git" for SSH access to %s.') % parts.hostname) + if scm_type == 'git' and parts.scheme.endswith('ssh') and parts.hostname in special_git_hosts and netloc_password: + # raise ValueError('Password not allowed for SSH access to %s.' % parts.hostname) + netloc_password = '' if netloc_username and parts.scheme != 'file' and scm_type not in ("insights", "archive"): netloc = u':'.join([urllib.parse.quote(x, safe='') for x in (netloc_username, netloc_password) if x])