actions/setup-java
2
0
Fork 0
mirror of https://github.com/actions/setup-java.git synced 2025-04-20 09:56:46 +00:00
Code Issues Projects Releases Packages Wiki Activity

fix(auth): Update authentication logic in settings.xml, unit tests (#1)

Browse source 
* fix(auth): Update authentication logic in settings.xml, unit tests

Enhanced the logic for reading authentication information in the settings.xml file to address an issue where attempts to configure a GitHub Action for fetching packages from a repository within the same organization resulted in authentication errors.
Despite the correct configuration, the process failed with a 401 Unauthorized status during dependency download from GitHub's Maven package repository.
The error was pinpointed to a non-resolvable parent POM due to authentication failure, with an incorrect 'parent.relativePath' exacerbating the issue.

To resolve this, I made significant updates to the logic within settings.xml for better handling of authentication information.
Additionally, unit tests have been updated to reflect these changes and ensure robust verification.

The documentation and examples have also been revised to provide clearer guidance on configuring and utilizing this updated process successfully.
This commit is contained in:
Parry 2024-03-01 16:16:24 +08:00 committed by GitHub
parent 9704b39bf2
commit c0786a2b6c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 58 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

37
__tests__/auth.test.ts
View file

@ -1,8 +1,8 @@
import * as io from '@actions/io';
import * as core from '@actions/core';
import * as io from '@actions/io';
import * as fs from 'fs';
import * as path from 'path';
import os from 'os';
import * as path from 'path';
import * as auth from '../src/auth';
import {M2_DIR, MVN_SETTINGS_FILE} from '../src/constants';
@ -10,6 +10,14 @@ import {M2_DIR, MVN_SETTINGS_FILE} from '../src/constants';
const m2Dir = path.join(__dirname, M2_DIR);
const settingsFile = path.join(m2Dir, MVN_SETTINGS_FILE);
// escape xml special characters
function escapeXml(unsafeStr: string) {
return unsafeStr
.replace(/&/g, '&')
.replace(/</g, '&lt;')
.replace(/>/g, '&gt;');
}
describe('auth tests', () => {
let spyOSHomedir: jest.SpyInstance;
let spyInfo: jest.SpyInstance;
@ -157,19 +165,22 @@ describe('auth tests', () => {
const username = 'USER';
const password = '&<>"\'\'"><&';
process.env['username'] = username;
process.env['password'] = password;
const expectedSettings = `<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>${id}</id>
<username>\${env.${username}}</username>
<password>\${env.&amp;&lt;&gt;"''"&gt;&lt;&amp;}</password>
<id>${escapeXml(id)}</id>
<username>${escapeXml(username)}</username>
<password>${escapeXml(password)}</password>
</server>
</servers>
</settings>`;
expect(auth.generate(id, username, password)).toEqual(expectedSettings);
expect(auth.generate(id, 'username', 'password')).toEqual(expectedSettings);
});
it('generates valid settings.xml with additional configuration', () => {
@ -178,23 +189,27 @@ describe('auth tests', () => {
const password = '&<>"\'\'"><&';
const gpgPassphrase = 'PASSPHRASE';
process.env['username'] = username;
process.env['password'] = password;
process.env['gpgPassphrase'] = gpgPassphrase;
const expectedSettings = `<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>${id}</id>
<username>\${env.${username}}</username>
<password>\${env.&amp;&lt;&gt;"''"&gt;&lt;&amp;}</password>
<id>${escapeXml(id)}</id>
<username>${escapeXml(username)}</username>
<password>${escapeXml(password)}</password>
</server>
<server>
<id>gpg.passphrase</id>
<passphrase>\${env.${gpgPassphrase}}</passphrase>
<passphrase>${escapeXml(gpgPassphrase)}</passphrase>
</server>
</servers>
</settings>`;
expect(auth.generate(id, username, password, gpgPassphrase)).toEqual(
expect(auth.generate(id, 'username', 'password', 'gpgPassphrase')).toEqual(
expectedSettings
);
});