Hello,
We are building documentation for a private Rust project A hosted on GitHub which depends on another private GitHub repository B. We don’t want to leak tokens in our source code, so the project A references the project B with a URL which has no GitHub token in it. This is what can be found in the Cargo.toml
file:
project-B = { git = "https://GITHUB_TOKEN@github.com/company/project-B.git", tag = "v0.14.0" }
On our local machine and in continuous integration (CircleCI), we change the git configuration to replace the URL with the content of the token with the following command:
MY_GITHUB_TOKEN=abc1234
git config --global url."https://$MY_GITHUB_TOKEN@github.com/".insteadOf "https://GITHUB_TOKEN@github.com/"
Unfortunately, when we build the project in Netlify we don’t know how to do such substitution. We end up with a failed build with (redacted) logs such as:
6:36:33 PM: Updating git repository `https://GITHUB_TOKEN@github.com/company/project-B.git`
6:36:33 PM: fatal: could not read Password for 'https://GITHUB_TOKEN@github.com': No such device or address
6:36:33 PM: error: failed to get `project-B` as a dependency of package `project-A v1.26.9 (/opt/build/repo/project-A)`
6:36:33 PM: Caused by:
6:36:33 PM: failed to load source for dependency `project-B`
6:36:33 PM: Caused by:
6:36:33 PM: Unable to update https://GITHUB_TOKEN@github.com/company/project-B.git?tag=v0.14.0#d1cbfed2
6:36:33 PM: Caused by:
6:36:33 PM: failed to clone into: /opt/buildhome/.cargo/git/db/project-B-0d086a1f25ee6870
6:36:33 PM: Caused by:
6:36:33 PM: process didn't exit successfully: `git fetch --force --update-head-ok 'https://GITHUB_TOKEN@github.com/company/project-B.git' '+refs/tags/v0.14.0:refs/remotes/origin/tags/v0.14.0'` (exit status: 128)
Could you help us find a way to update the git configuration during build process?
I suppose we could create a build script in the repository that would fetch the token through an environment variable and run the git config
command but some help would be appreciated to avoid going around in circles.
Thank you!