decouple authentication information from HOMEBREW_ARTIFACT_DOMAIN

add support for credentials usage in combination with other mirroring features. previously `HOMEBREW_DOCKER_REGISTRY_TOKEN` and `HOMEBREW_DOCKER_REGISTRY_BASIC_AUTH_TOKEN` where only used in combination with `HOMEBREW_ARTIFACT_DOMAIN` which affects *all* curl download strategies. `HOMEBREW_BOTTLE_DOMAIN` is only used for bottle artifacts, whose mirror might also require credentials. this change removes the requirement of using `HOMEBREW_ARTIFACT_DOMAIN`. related to #13226
2022-05-23 10:33:05 +02:00 · 2022-05-23 10:33:05 +02:00 · 9cbaf97069
commit 9cbaf97069
parent 555cf335ab
2 changed files with 52 additions and 2 deletions
--- a/Library/Homebrew/brew.sh
+++ b/Library/Homebrew/brew.sh
@ -820,10 +820,10 @@ then
  export GIT_SSH_COMMAND="ssh -F${HOMEBREW_SSH_CONFIG_PATH}"
 fi

-if [[ -n "${HOMEBREW_ARTIFACT_DOMAIN}" && -n "${HOMEBREW_DOCKER_REGISTRY_TOKEN}" ]]
+if [[ -n "${HOMEBREW_DOCKER_REGISTRY_TOKEN}" ]]
 then
  export HOMEBREW_GITHUB_PACKAGES_AUTH="Bearer ${HOMEBREW_DOCKER_REGISTRY_TOKEN}"
-elif [[ -n "${HOMEBREW_ARTIFACT_DOMAIN}" && -n "${HOMEBREW_DOCKER_REGISTRY_BASIC_AUTH_TOKEN}" ]]
+elif [[ -n "${HOMEBREW_DOCKER_REGISTRY_BASIC_AUTH_TOKEN}" ]]
 then
  export HOMEBREW_GITHUB_PACKAGES_AUTH="Basic ${HOMEBREW_DOCKER_REGISTRY_BASIC_AUTH_TOKEN}"
 else
--- a/Library/Homebrew/test/download_strategies/curl_github_packages_spec.rb
+++ b/Library/Homebrew/test/download_strategies/curl_github_packages_spec.rb
@ -0,0 +1,50 @@
+# typed: false
+# frozen_string_literal: true
+
+require "download_strategy"
+
+describe CurlGitHubPackagesDownloadStrategy do
+  subject(:strategy) { described_class.new(url, name, version, **specs) }
+
+  let(:name) { "foo" }
+  let(:url) { "https://#{GitHubPackages::URL_DOMAIN}/v2/homebrew/core/spec_test/manifests/1.2.3" }
+  let(:version) { "1.2.3" }
+  let(:specs) { {} }
+
+  describe "#fetch" do
+    before do
+      strategy.temporary_path.dirname.mkpath
+      FileUtils.touch strategy.temporary_path
+    end
+
+    it "calls curl with anonymous authentication headers" do
+      expect(strategy).to receive(:system_command).with(
+        /curl/,
+        hash_including(args: array_including_cons("--header", "Authorization: Bearer QQ==")),
+      )
+      .at_least(:once)
+      .and_return(instance_double(SystemCommand::Result, success?: true, stdout: "", assert_success!: nil))
+
+      strategy.fetch
+    end
+
+    context "with Github Packages authentication defined" do
+      let(:authorization) { "Bearer dead-beef-cafe" }
+
+      before do
+        HOMEBREW_GITHUB_PACKAGES_AUTH = authorization.freeze
+      end
+
+      it "calls curl with the provided header value" do
+        expect(strategy).to receive(:system_command).with(
+          /curl/,
+          hash_including(args: array_including_cons("--header", "Authorization: #{authorization}")),
+        )
+        .at_least(:once)
+        .and_return(instance_double(SystemCommand::Result, success?: true, stdout: "", assert_success!: nil))
+
+        strategy.fetch
+      end
+    end
+  end
+end