Gitsm does not use credentials when cloning the submodules

Gitsm does not use credentials when cloning the submodules

[Bernd Bauer]

[-- Attachment #1: Type: text/plain, Size: 1068 bytes --]

Hi!

I think I have found a bug in the bitbucket git sumbodule fetcher.

In my example I try to clone a repository with submodules using gitsm.
The git server here needs authentication. Also for the submodules.
These credentials are encoded in the URL of the submodule.
See example below.
The main repo can still be cloned because the credentials are stored
in the recipe itself.
But for the submodules, the password is not used.

My patch uses the password if one is available.

I have found the bug in poky warrior branch that I'm currently using.
In the fido branch gitsm works with username and password.
(I know... fido is quite old, but I'm also using this version.)

Example .gitmodules
---------------------------------------------------------
[submodule "sub1"]
        path = sub1
        url = https://user:password@test.org/url/to/sub1
---------------------------------------------------------

Greets Bernd
--
| |O| | Bauer Bernd
| | |O| Sicher ist vi benutzerfreundlich,
|O|O|O| es ist nur eigen in der Wahl seiner Freunde.

[-- Attachment #2: 0001-Add-password-to-repo-url-if-available.patch --]
[-- Type: text/x-patch, Size: 1260 bytes --]

From baa4dd493c2f3787b53dc6a3e8d62a4df71f448c Mon Sep 17 00:00:00 2001
From: Bernd Bauer <bernd.bauer@gmx.at>
Date: Fri, 27 Mar 2020 10:30:49 +0100
Subject: [PATCH] Add password to repo url if available

To clone a repo with submodules the first repo url to fetch
is deposited in the recipe.
But the URLs from the submodules are listed in the .gitmodules
file.
If the submodule url is an https with an username and a password
(or a bitbucket URL token) the password is not in the ud.user
but in the ud.pswd variable.
So in this case the url is made up by ud.user and ud.pswd.

Signed-off-by: Bernd Bauer <bernd.bauer@gmx.at>
---
 bitbake/lib/bb/fetch2/git.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/bitbake/lib/bb/fetch2/git.py b/bitbake/lib/bb/fetch2/git.py
index 80caf109b1..09c8bb2f2b 100644
--- a/bitbake/lib/bb/fetch2/git.py
+++ b/bitbake/lib/bb/fetch2/git.py
@@ -572,7 +572,9 @@ class Git(FetchMethod):
         """
         Return the repository URL
         """
-        if ud.user:
+        if ud.user and ud.pswd:
+            username = ud.user + ':' + ud.pswd + '@'
+        elif ud.user:
             username = ud.user + '@'
         else:
             username = ""
--
2.22.2

Re: [bitbake-devel] Gitsm does not use credentials when cloning the submodules

[Paul Barker]

On Wed, 1 Apr 2020 at 20:17, Bernd Bauer <bernd.bauer@gmx.at> wrote:
>
> Hi!
>
> I think I have found a bug in the bitbucket git sumbodule fetcher.
>
> In my example I try to clone a repository with submodules using gitsm.
> The git server here needs authentication. Also for the submodules.
> These credentials are encoded in the URL of the submodule.
> See example below.
> The main repo can still be cloned because the credentials are stored
> in the recipe itself.
> But for the submodules, the password is not used.
>
> My patch uses the password if one is available.
>
> I have found the bug in poky warrior branch that I'm currently using.
> In the fido branch gitsm works with username and password.
> (I know... fido is quite old, but I'm also using this version.)
>
> Example .gitmodules
> ---------------------------------------------------------
> [submodule "sub1"]
>         path = sub1
>         url = https://user:password@test.org/url/to/sub1
> ---------------------------------------------------------
>

This looks good at first glance but needs some further review once
it's sent in the correct format. Please read
https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines and
https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded
and re-submit the patch.

Thanks,
Paul