Add Configuration variable to allow using custom Authorization header #710
Conversation
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
Lan-Hekary
force-pushed
the
feature/add-config-for-auth-header
branch
from
d0e6447 to
e32531f
Compare
There was a problem hiding this comment.
Pull Request Overview
Adds support for custom authorization headers by introducing a new environment variable BAZELISK_AUTH_HEADER, enabling the use of Bearer tokens and other authentication methods beyond basic auth for downloading Bazel releases.
- Introduces
BAZELISK_AUTH_HEADERenvironment variable for custom authorization headers - Modifies authentication logic to prioritize custom auth header over netrc credentials
- Documents the new configuration option with usage examples
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| httputil/httputil.go | Adds AuthHeader global variable and updates download logic to use custom auth when available |
| core/core.go | Implements getAuthHeader function to retrieve configuration value and sets httputil.AuthHeader |
| README.md | Documents the new BAZELISK_AUTH_HEADER environment variable with usage example |
Comments suppressed due to low confidence (1)
core/core.go:305
- Variable name 'auth_header' uses snake_case which is inconsistent with Go naming conventions. It should be renamed to 'authHeader' to follow camelCase convention.
auth_header := config.Get("BAZELISK_AUTH_HEADER")
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Lan-Hekary
force-pushed
the
feature/add-config-for-auth-header
branch
from
93623b9 to
086d75a
Compare
| if err == nil { | ||
| // successfully parsed netrc for given host | ||
| auth = t | ||
| if AuthHeader != "" { |
There was a problem hiding this comment.
I think we should raise an error if both AuthHeader is set and a .netrc file exists.
There was a problem hiding this comment.
Nope,
.netrc file can exists but does not have the host or does have the host and the password.
But for the specific endpoint to download you need to use the token.
This is the actual case in my infrastructure.
I have .netrc but I can't use the password in it as a basic auth header. I need a seperate Access Token for baselisk.
There was a problem hiding this comment.
Hello @fweikert
Do you have any other notes on this review ?
Hello,
I have a use case that I can't use Basic Auth to authenticate to the download server, but I can only use Bearer tokens.
so I made a new configuration variable to allow passing any custom string to Authorization header, including Bearer tokens.
I hope this helps other people.
Thanks