def _init_repo(self, uri): if os.path.exists(self.cache_dir): self.repo = pygit2.Repository(self.cache_dir) else: os.makedirs(self.cache_dir) self.repo = pygit2.init_repository(self.cache_dir, bare=True) self.repo.create_remote('origin', self.url) if 'ssh' in self.transport: if '@' in self.url: user, _, _ = self.url.partition('@') else: user = '******' if uri.pubkey is not None: creds = pygit2.Keypair(user, uri.pubkey, uri.privkey, uri.password) else: creds = pygit2.KeypairFromAgent(user) pygit2_version = pygit2.__version__ if distutils.version.LooseVersion( pygit2_version) >= distutils.version.LooseVersion( '0.23.2'): self.remotecallbacks = pygit2.RemoteCallbacks( credentials=creds) self.credentials = None else: self.remotecallbacks = None self.credentials = creds
def __init__(self, repo_path, remote_url=None, credentials=None, init=False, logger=None): self.path = repo_path self.remote = remote_url is not None or credentials is not None self.logger = None if logger is None else logger if credentials is not None: username = credentials['username'] pubkey = credentials['pubkey'] privkey = credentials['privkey'] passphrase = credentials['passphrase'] self.credentials = pygit2.Keypair(username, pubkey, privkey, passphrase) self.callback = Callback(credentials=self.credentials) if remote_url is not None: pygit2.clone_repository(remote_url, repo_path, callbacks=self.callback) self.repo = pygit2.Repository(repo_path) else: if init: self.repo = pygit2.init_repository(repo_path) else: self.repo = pygit2.Repository(repo_path)
def credentials(self, url, username_from_url, allowed_types): if allowed_types & pygit2.credentials.GIT_CREDTYPE_USERNAME: return pygit2.Username("git") elif allowed_types & pygit2.credentials.GIT_CREDTYPE_SSH_KEY: return pygit2.Keypair(username_from_url, self.config.SSH_PUB_KEY, self.config.SSH_PRI_KEY, self.config.SSH_PRI_KEY) else: return None
def __init__(self,force=False,update=False,failed=False,ssh_sources=None,ssh_key=os.path.join(os.environ['HOME'],'.ssh','id_rsa'),sources=None,rm_first=False,**kwargs): ''' if sources is None, repositories of all sources are cloned. Otherwise, considered as a whitelist of sources to batch-clone. sources listed in ssh_sources will be retrieved through SSH protocol, others with HTTPS syntax: {source_name:source_ssh_key_path} if the value source_ssh_key_path is None, it uses the main ssh_key arg ''' self.force = force self.update = update self.failed = failed self.rm_first = rm_first self.ssh_key = ssh_key if ssh_sources is None: self.ssh_sources = {} else: self.ssh_sources = copy.deepcopy(ssh_sources) self.callbacks = {} for k,v in list(self.ssh_sources.items()): if v is None: self.ssh_sources[k] = self.ssh_key ssh_key = self.ssh_key else: ssh_key = v keypair = pygit2.Keypair('git',ssh_key+'.pub',ssh_key,'') self.callbacks[k] = pygit2.RemoteCallbacks(credentials=keypair) fillers.Filler.__init__(self,**kwargs)
def credentials(self, url, username_from_url, allowed_types): if allowed_types & pygit2.credentials.GIT_CREDTYPE_USERNAME: return pygit2.Username(username_from_url) elif pygit2.credentials.GIT_CREDTYPE_SSH_KEY & allowed_types: if "SSH_AUTH_SOCK" in os.environ: # Use ssh agent for authentication print( f"SSH_AUTH_SOCK set {username_from_url} {url} {os.environ['SSH_AUTH_SOCK']}" ) return pygit2.KeypairFromAgent(username_from_url) else: print("default") ssh = os.path.join(os.path.expanduser("~"), ".ssh") pubkey = os.path.join(ssh, "id_rsa.pub") privkey = os.path.join(ssh, "id_rsa") # check if ssh key is available in the directory if os.path.isfile(pubkey) and os.path.isfile(privkey): return pygit2.Keypair(username_from_url, pubkey, privkey, "") else: raise Exception( "No SSH keys could be found, please specify SSH_AUTH_SOCK or add keys to " + "your ~/.ssh/") # end # end raise Exception( "Only unsupported credential types allowed by remote end")
def _get_credentials(_auth): if not _auth: return None _agent = _auth.get("agent", False) _public_key = _auth.get("public_key", None) _private_key = _auth.get("private_key", None) _username = _auth.get("user", None) _passphrase = _auth.get("pass", None) if _agent: credentials = pygit2.KeypairFromAgent(_username or "git") elif _public_key and _private_key: if os.path.exists(_public_key) and os.path.exists(_private_key): credentials = pygit2.Keypair(_username or "git", _public_key, _private_key, _passphrase or "") else: credentials = pygit2.KeypairFromMemory(_username or "git", _public_key, _private_key, _passphrase or "") elif _username and _passphrase: credentials = pygit2.UserPass(_username, _passphrase) elif _username: credentials = pygit2.Username(_username) else: credentials = None return credentials
def credentials(self, url, username_from_url, allowed_types): if allowed_types & pygit2.credentials.GIT_CREDENTIAL_SSH_KEY: return pygit2.Keypair(username_from_url, str(Path.home() / '.ssh' / 'id_rsa.pub'), str(Path.home() / '.ssh' / 'id_rsa'), '') elif allowed_types & pygit2.credentials.GIT_CREDENTIAL_USERNAME: return pygit2.Username(username_from_url) return None
def credentials(self, url, username_from_url, allowed_types): if allowed_types & pygit2.credentials.GIT_CREDTYPE_USERNAME: return pygit2.Username(GIT_USERNAME) elif allowed_types & pygit2.credentials.GIT_CREDTYPE_SSH_KEY: return pygit2.Keypair(GIT_USERNAME, join(HOME, SSH_PUBLIC_KEY), join(HOME, SSH_PRIVATE_KEY), "") else: return None
def credentials(self, url, username_from_url, allowed_types): if allowed_types & pygit2.credentials.GIT_CREDENTIAL_USERNAME: return pygit2.Username(self.username) if allowed_types & pygit2.credentials.GIT_CREDENTIAL_SSH_KEY: return pygit2.Keypair(self.username, self.ssh_key_public_path, self.ssh_key_private_path, '') return None
def test_keypair(tmp_path, pygit2_empty_key): url = 'ssh://[email protected]/pygit2/empty' with pytest.raises(pygit2.GitError): pygit2.clone_repository(url, tmp_path) prv, pub, secret = pygit2_empty_key keypair = pygit2.Keypair("git", pub, prv, secret) callbacks = pygit2.RemoteCallbacks(credentials=keypair) pygit2.clone_repository(url, tmp_path, callbacks=callbacks)
def credentials(self, url, username_from_url, allowed_types): username = username_from_url if username_from_url else self.username if allowed_types & pygit2.credentials.GIT_CREDENTIAL_SSH_KEY: return pygit2.Keypair(username, self.public_key_file, self.private_key_file, '') elif allowed_types & pygit2.credentials.GIT_CREDENTIAL_USERPASS_PLAINTEXT: return pygit2.UserPass(username, self.password) else: return None
def credentials(self, url, username_from_url, allowed_types): # print('[credentials]', url, username_from_url, allowed_types) if allowed_types == pygit2.GIT_CREDTYPE_SSH_KEY: return pygit2.Keypair('git', self.__id_rsa_pub, self.__id_rsa, '') elif allowed_types == pygit2.GIT_CREDTYPE_USERPASS_PLAINTEXT: return pygit2.UserPass(self.__username, self.__password) else: raise RuntimeError( 'unsupported authentication type: {}'.format( allowed_types))
def credentials(self, url, username_from_url, allowed_types): if allowed_types & pygit2.credentials.GIT_CREDENTIAL_USERNAME: return pygit2.Username('git') elif allowed_types & pygit2.credentials.GIT_CREDENTIAL_SSH_KEY: if self.passphrase is None: self.passphrase = getpass('passphrase: ') return pygit2.Keypair('git', os.path.expanduser('~/.ssh/id_rsa.pub'), os.path.expanduser('~/.ssh/id_rsa'), self.passphrase) else: return None
def read_configfile(config_filename): """ Read and parse given configfile """ global TEMP_PATH global ZABBIX_URL, ZABBIX_USER, ZABBIX_PASSWORD, ZABBIX_TEMPLATE_EXPORT_GROUP, \ ZABBIX_TEMPLATE_ROOT_GROUP global GIT_URL, GIT_BRANCH, GIT_CALLBACKS, GIT_SIGNATURE # Find and read configfile config = configparser.ConfigParser() configfile = '%s.conf' % config_filename print(f'Reading configfile {configfile}') for loc in os.path.join(os.curdir, configfile), \ os.path.join(os.path.expanduser('~'), configfile), \ resource_filename(__name__, os.path.join("../../../../etc/zbxtpltools/", configfile)): try: with open(loc) as source: config.read_file(source) break except IOError: pass if not config.has_option('zabbix', 'url'): raise Exception('Could not read configfile ' + loc) TEMP_PATH = config['general']['temp_path'] ZABBIX_URL = config['zabbix']['url'] ZABBIX_USER = config['zabbix']['user'] ZABBIX_PASSWORD = config['zabbix']['password'] LOGGER.info("Zabbix URL: %s - API user: %s", ZABBIX_URL, ZABBIX_USER) ZABBIX_TEMPLATE_EXPORT_GROUP = config['zabbix']['template_export_group'] ZABBIX_TEMPLATE_ROOT_GROUP = config['zabbix']['template_root_group'] GIT_URL = config['git']['url'] GIT_BRANCH = config['git']['branch'] GIT_USER = re.search(r'(?:https?|ssh)://([^@?/:]+)', GIT_URL).group(1) GIT_CALLBACKS = GitRemoteCallbacks( credentials=pygit2.Keypair(GIT_USER, find_file(config['git']['ssh_pubkey']), find_file(config['git']['ssh_privkey']), '')) GIT_SIGNATURE = pygit2.Signature(config['git']['author_name'], config['git']['author_email']) LOGGER.info("Git URL: %s - branch: %s", GIT_URL, GIT_BRANCH)
def migrate(function, _s_old, _s_new): assert function(_s_old) == _s_new folder = '/tmp/migrate_script_iemldb' if os.path.isdir(folder): shutil.rmtree(folder) # os.mkdir(folder) git_address = "https://github.com/IEMLdev/ieml-language.git" credentials = pygit2.Keypair('ogrergo', '~/.ssh/id_rsa.pub', '~/.ssh/id_rsa', None) gitdb = GitInterface(origin=git_address, credentials=credentials, folder=folder) signature = pygit2.Signature("Louis van Beurden", "*****@*****.**") db = IEMLDatabase(folder=folder, use_cache=False) to_migrate = {} desc = db.get_descriptors() struct = db.get_structure() for s in db.get_dictionary().scripts: s2 = function(s) if s2 != s: to_migrate[s] = s2 print(to_migrate) with gitdb.commit( signature, "[Translate script] Translate paradigm from '{}' to '{}".format( str(_s_old), str(_s_new))): for s_old, s_new in to_migrate.items(): db.remove_structure(s_old) for (_, key), values in struct.get_values_partial(s_old).items(): for v in values: db.add_structure(s_new, key, v) db.remove_descriptor(s_old) for (_, lang, d), values in desc.get_values_partial(s_old).items(): for v in values: db.add_descriptor(s_new, lang, d, v)
def credentials(self, url, username_from_url, allowed_types): """ The callback to return a suitable authentication method. it supports GIT_CREDTYPE_SSH_KEY and GIT_CREDTYPE_USERPASS_PLAINTEXT GIT_CREDTYPE_SSH_KEY with an ssh agent configured in the env variable SSH_AUTH_SOCK or with id_rsa and id_rsa.pub in ~/.ssh (password must be the empty string) GIT_CREDTYPE_USERPASS_PLAINTEXT from the env variables GIT_USERNAME and GIT_PASSWORD """ if pygit2.credentials.GIT_CREDTYPE_SSH_KEY & allowed_types: if "SSH_AUTH_SOCK" in os.environ: # Use ssh agent for authentication return pygit2.KeypairFromAgent(username_from_url) else: ssh = join(expanduser('~'), '.ssh') if "QUIT_SSH_KEY_HOME" in os.environ: ssh = os.environ["QUIT_SSH_KEY_HOME"] # public key is still needed because: # pygit2._pygit2.GitError: Failed to authenticate SSH session: # Unable to extract public key from private key file: # Method unimplemented in libgcrypt backend pubkey = join(ssh, 'id_rsa.pub') privkey = join(ssh, 'id_rsa') # check if ssh key is available in the directory if os.path.isfile(pubkey) and os.path.isfile(privkey): return pygit2.Keypair(username_from_url, pubkey, privkey, "") else: raise Exception( "No SSH keys could be found, please specify SSH_AUTH_SOCK or add keys to " + "your ~/.ssh/") elif pygit2.credentials.GIT_CREDTYPE_USERPASS_PLAINTEXT & allowed_types: if self.session and "OAUTH_TOKEN" in self.session: return pygit2.UserPass(self.session["OAUTH_TOKEN"], 'x-oauth-basic') elif "GIT_USERNAME" in os.environ and "GIT_PASSWORD" in os.environ: return pygit2.UserPass(os.environ["GIT_USERNAME"], os.environ["GIT_PASSWORD"]) else: raise Exception( "Remote requested plaintext username and password authentication but " + "GIT_USERNAME or GIT_PASSWORD are not set.") else: raise Exception( "Only unsupported credential types allowed by remote end")
def __init__(self, folder='.', ssh_mode=False, ssh_key=os.path.join(os.environ['HOME'], '.ssh/id_rsa'), db_folder=None, **db_cfg): # self.repo_list = [] # self.add_list(repo_list) self.folder = folder self.make_folder() # creating folder if not existing self.logger = logger self.ssh_mode = ssh_mode #SSH if True, HTTPS otherwise if ssh_mode: # setting ssh credentials keypair = pygit2.Keypair('git', ssh_key + '.pub', ssh_key, '') self.callbacks = pygit2.RemoteCallbacks(credentials=keypair) else: self.callbacks = None if db_folder is None: db_folder = self.folder self.set_db(db_folder=db_folder, **db_cfg)
def get_git_repository(url: str, owner: str, name: str): """Clone or update a repository.""" base_dir = config['cloning']['temporary_clone_path'] clone_dir = os.path.join(base_dir, owner, name) if os.path.exists(clone_dir): shutil.rmtree(clone_dir) callbacks = None if 'https://' not in url: keypair = pygit2.Keypair(username=config['cloning']['ssh_user'], pubkey=config['cloning']['public_key'], privkey=config['cloning']['private_key'], passphrase=config['cloning']['ssh_password']) callbacks = pygit2.RemoteCallbacks(credentials=keypair) os.makedirs(clone_dir) repo = clone_repository(url, clone_dir, bare=True, callbacks=callbacks) repo = Repository(clone_dir) return repo
def credentials(self, url, username_from_url, allowed_types): if allowed_types & pygit2.credentials.GIT_CREDENTIAL_USERNAME: return pygit2.Username("git") elif allowed_types & pygit2.credentials.GIT_CREDENTIAL_SSH_KEY: return pygit2.Keypair( "git", os.path.expanduser('~/.ssh/id_rsa.pub'), os.path.expanduser('~/.ssh/id_rsa'), "") elif allowed_types & pygit2.credentials.GIT_CREDENTIAL_USERPASS_PLAINTEXT: # noqa # try to read from git-credential-helper parts = urllib.parse.urlparse(url) logging.debug( 'Tring to get credential from git-credential: %s %s', parts.scheme, parts.netloc ) stdin = 'protocol={0.scheme}\nhost={0.netloc}\n' \ .format(parts) try: result = subprocess.run( ['git', 'credential', 'fill'], input=stdin.encode('utf-8'), capture_output=True, check=True) for line in result.stdout.decode('utf-8').split('\n'): logging.debug('Got line: %s', line) if line.startswith('username='******'=', 1)[1] elif line.startswith('password='******'=', 1)[1] logging.debug('Got %r %r', username, password) return pygit2.UserPass(username, password) except Exception: # When libgit2 callback do not print traceback when # error, we do it manually. logging.exception( 'Error when get credential from git-credential') return None else: return None
"[E:S:. (E:.-wa.-t.o.-' E:.-'wu.-S:.-'t.o.-',)(u.A:.-) > ! E:.n.- (E:.wo.- E:S:.-d.u.-')(l.-T:.U:.-',n.-T:.A:.-',t.o.-f.o.-',_) > E:.t.- (E:.wo.- E:S:.-d.u.-')(p.E:S:B:.-) > E:.l.- (E:.wo.- E:.-U:.d.-l.-' E:S:.-d.u.-')(n.-T:.U:.-') > E:.f.- (E:.wo.- E:S:.-d.u.-')(n.i.-d.i.-t.u.-')]", "[E:S:. (E:.-wa.-t.o.-' E:.-'wu.-S:.-'t.o.-',)(u.A:.-) > ! E:.n.- (E:.wo.- E:S:.-d.u.-')(l.-T:.U:.-',n.-T:.A:.-',t.o.-f.o.-',_) > E:.l.- (E:.wo.- E:.-U:.d.-l.-' E:S:.-d.u.-')(n.-T:.U:.-') > E:.f.- (E:.wo.- E:S:.-d.u.-')(n.i.-d.i.-t.u.-')]", "[! E:S:. (E:.-wa.-t.o.-' E:.-'we.-S:.-'t.o.-',)(l.-T:.U:.-',n.-T:.A:.-',t.o.-f.o.-',_)]", "[E:S:. (E:.-wa.-t.o.-' E:.-'wu.-S:.-'t.o.-',)(u.A:.-) > ! E:.n.- (E:.wo.- E:S:.-d.u.-')(l.-T:.U:.-',n.-T:.A:.-',t.o.-f.o.-',_) > E:.t.- (E:.wo.- E:S:.-d.u.-')(S:.E:A:S:.-) > E:.l.- (E:.wo.- E:.-U:.d.-l.-' E:S:.-d.u.-')(n.-T:.U:.-') > E:.f.- (E:.wo.- E:S:.-d.u.-')(n.i.-d.i.-t.u.-')]", "[E:S:. (E:.-wa.-t.o.-' E:.-'wu.-S:.-'t.o.-',)(u.A:.-) > ! E:.n.- (E:.wo.- E:S:.-d.u.-')(l.-T:.U:.-',n.-T:.A:.-',t.o.-f.o.-',_) > E:.l.- (E:.wo.- E:.-U:.d.-l.-' E:S:.-d.u.-')(n.-T:.U:.-') > E:.f.- (E:.wo.- E:S:.-d.u.-')(n.i.-d.i.-t.u.-') > E:.s.- (E:.wo.- E:T:.h.- E:S:.-d.u.-')(s.j.- d.-S:.U:.-')]" ] if __name__ == '__main__': folder = '/tmp/migrate_script_iemldb' if os.path.isdir(folder): shutil.rmtree(folder) git_address = "https://github.com/IEMLdev/ieml-language.git" credentials = pygit2.Keypair('git', '~/.ssh/id_rsa.pub', '~/.ssh/id_rsa', None) gitdb = GitInterface(origin=git_address, credentials=credentials, folder=folder) # gitdb.pull() signature = pygit2.Signature("Louis van Beurden", "*****@*****.**") db = IEMLDatabase(folder=folder, use_cache=False) desc = db.get_descriptors() struct = db.get_structure() to_migrate = {}
def remote_keypair(): userhome = os.path.expanduser('~') return pygit2.Keypair('git', os.path.join(userhome, '.ssh', 'id_ed25519.pub'), os.path.join(userhome, '.ssh', 'id_ed25519'), '')
print("Repository Exist") ORG_REPOSITORY_URL = getRepository.json()['ssh_url'] NEW_REPOSITORY_URL = CORP_CODE + "-" + ORG_REPOSITORY else: print("-> " + getRepository.json()['message']) exit(0) ## Clone Repository repoClone = "" keypair = "" if os.path.isdir(NEW_REPOSITORY_URL): print("ERR: Directory is exist") exit(0) try: keypair = pygit2.Keypair("git", "/home/bkchoi/.ssh/id_rsa.pub", "/home/bkchoi/.ssh/id_rsa", "") callbacks = pygit2.RemoteCallbacks(credentials=keypair) repoClone = pygit2.clone_repository(ORG_REPOSITORY_URL, NEW_REPOSITORY_URL, callbacks=callbacks) except Exception as ex: print('ERR: ', ex) exit(0) ## Delete Repository url = "https://api.github.com/repos/bkchoi-virnect/" + NEW_REPOSITORY_URL payload = {} deleteRepository = requests.request("DELETE", url, headers=headers, data=payload)
def init_credentials(self): ssh_cred = pygit2.Keypair(self.ssh_user, self.ssh_key_pub, self.ssh_key_priv, "") self.credentials_callbacks = pygit2.RemoteCallbacks(credentials=ssh_cred)
import shutil import re import time # http: //www.pygit2.org/recipes/git-clone-ssh.html #https: //docs.python.org/2/library/tempfile.html RepoUser = '******' RepoPub = os.path.expanduser('~/.ssh/id_rsa.pub') RepoPrv = os.path.expanduser('~/.ssh/id_rsa') repoUrl = mkdtemp() pygit2.init_repository(repoUrl)# blank local origin # Setup master repo on load. masterRepoDir = mkdtemp()# this dir gets a repo with a checked out copy of master keypair = pygit2.Keypair(RepoUser, RepoPub, RepoPrv, "") callbacks = pygit2.RemoteCallbacks(credentials = keypair) masterRepo = pygit2.clone_repository(repoUrl, masterRepoDir, callbacks = callbacks) remoteRegex = re.compile(r'^refs/remotes/origin/') localRegex = re.compile(r'^refs/heads/') class activeProposalsClass(): master=[] def activeProposals(): return(activeProposalsClass.master) def regenerateActiveProposals(): #Return a list of active proposals. out = [] mergeRepo = pygit2.clone_repository( masterRepoDir,tempfile.mkdtemp()) branches = filter(remoteRegex, list(mergeRepo.references))
parser.add_argument("templates", metavar="template", nargs="?", help="Specify the template to parse (default: all)") args = parser.parse_args() logging.basicConfig(level=logging.INFO) # Cache software feeds so we don't make multiple calls in one run feeds = {} # We only support key-based authentication if args.sshpassword: gitkeypair = pygit2.Keypair("git", os.path.expanduser("~/.ssh/id_rsa.pub"), os.path.expanduser("~/.ssh/id_rsa"), args.sshpassword) elif not args.nosshagent: if 'SSH_AUTH_SOCK' not in os.environ: logging.error("SSH agent selected but no SSH agent is running") exit(1) # Check if someone is actually authenticated if subprocess.run(['ssh-add', '-l']).returncode == 0: gitkeypair = pygit2.Keypair("git", None, None, "") else: logging.error("SSH agent selected but no active sessions") exit(1) else:
def for_pygit2(self): """Use SSH key to connect with git""" return pygit2.Keypair(self.user, self.pub, self.key, "")
import pygit2 from ieml.ieml_database import GitInterface from ieml.ieml_database.transactions.DBTransaction import DBTransactions from ieml.usl import Word from ieml.usl.lexeme import Lexeme def migrate(u): if not isinstance(u, (Lexeme, Word)): return str(u) return str(u) + ' asdasd' if __name__ == '__main__': gitdb = GitInterface(origin='ssh://[email protected]/ogrergo/ieml-language.git', credentials=pygit2.Keypair('git', '/home/louis/.ssh/id_rsa.pub', '/home/louis/.ssh/id_rsa', ''), folder='/tmp/gitdb') gitdb.pull() signature = pygit2.Signature("Louis van Beurden", "*****@*****.**") transaction = DBTransactions(gitdb, signature) transaction.update_all_ieml(migrate, "Test de migration")