Automatic util/http handling of dynamic credentials · renovatebot/renovate#11325

(1 留言) (19 反應) (0 負責人)TypeScript (14,066 star) (1,916 fork)batch import

help wantedpriority-3-medium

描述

What would you like Renovate to be able to do?

Support dynamic credentials such as for AWS CodeArtifact or ECR in a simpler and more generic manner.

If you have any ideas on how this should be implemented, please tell us here.

Instead of pushing credentials awareness up to the datasource layer, instead we could reuse the existing authType field to tell the http layer that a token or username/password is not your "regular" Bearer or Basic one. e.g. we could support authType=aws-ecr and authType=code-artifact. The datasource could be agnostic to it and the http layer is responsible for generating the "real" token to use in the auth headers, and maybe even caching it too.

Is this a feature you are interested in implementing yourself?

Yes

貢獻者指南

技術棧: typescriptnodejs
領域: backendtoolingdevopsinfrastructure
議題類型: feature
難度: 3
預計時間: 1-2 days
活動狀態: fresh
清晰度: mostly clear
前置要求: Understanding of Renovate's HTTP layerKnowledge of authentication mechanismsFamiliarity with AWS CodeArtifact/ECR
新手友善度: 30
研究方向: Examine the existing http layer in Renovate, likely in packages/manager/http.ts, to understand how authType is currently used. Investigate how datasources like AWS ECR handle credentials. Design a mechanism to allow the http layer to dynamically generate tokens based on authType values. Consider caching and token refresh logic. No linked PRs or comments yet, so start by analyzing the codebase and proposing an implementation approach.