New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Access tokens for flakes #4091
Access tokens for flakes #4091
Conversation
Allows Configuration values that are space-separated key=value pairs.
…ing. Completes the change begun in commit 56f1e0d to consistently use the "host" attribute for "github" and "gitlab" inputs instead of a "url" attribute.
This change provides support for using access tokens with other instances of GitHub and GitLab beyond just github.com and gitlab.com (especially company-specific or foundation-specific instances). This change also provides the ability to specify the type of access token being used, where different types may have different handling, based on the forge type.
e0d1bb3
to
5e78385
Compare
@kquick Have you been using this? I'm wondering if I'm doing it wrong, or if we have a bug. Demonstrating below: I have the
Using the same github token, I am able to hit the URL that
|
The example (in the code comment) shows quotes, but it appears that's not really a syntax construct in nix.conf. It's just parsing it as a literal string including quotes. @kquick In your case, it's reading your GitHub token as Simply removing the quotes in nix.conf works. |
Oops, yes, that's a bug in the docs: my local usage doesn't have the quotes. Thanks @stephank and @imalsogreg for the investigation and PR to fix! |
Would it be possible to use this as is, or possibly extend it a bit to provide aws credentials (primarily for uploading to s3 cache). As it is, because a |
The credentials from the |
This patch updates the ability to specify access tokens in the
nix.conf
file for use in the github fetcher. This PR builds upon the previous functionality provided by @imalsogreg to allow the specification of more than two access tokens because:Gitlab has two different kinds of access tokens that can be used (4 authorization methods, but just two that are relevant here).
Both gitlab and github are available for use by organizations and other groups, so they will exist at locations other than https://github.com and https://gitlab.com, both publicly and privately.
There are also non-github and non-gitlab sites hosting git that will have access controls.
This patch provides the ability to specify the access token to use for a specific remote host by matching against the
"host"
attribute in the corresponding flake input specification.This adds a new entry to the
nix.conf
file calledaccess-tokens
, which is a space separated list of host=token specifications. It removes thegitlab-access-token
provided in PR #3675 because that token is new enough that it is not likely to be broadly used. Thegithub-access-token
is still supported, but generates deprecation warnings when used.