Buf v0.5.0 is released - allow HTTPS basic auth and SSH public key auth for private inputs
83 views
Skip to first unread message
bufbuild-announce
Jan 1, 2020, 5:06:59 PM1/1/20
to bufbuild-announce
We have released Buf v0.5.0.
Tarballs, git repositories, and image files can be read from remote locations. For those remote locations that need authentication, v0.5.0 adds a couple mechanisms.
HTTPS
Basic authentication can be specified for remote tarballs, git repositories, and image files over
https with the following environment variables:
- BUF_INPUT_HTTPS_USERNAME - The username. For GitHub, this is your GitHub user.
- BUF_INPUT_HTTPS_PASSWORD - The password. For GitHub, this is a personal access token for your GitHub User.
Assuming these environment variables are set up, you can call Buf as you normally would:
$ buf check lint --input https://github.com/org/private-repo.git#branch=master
$ buf check lint --input https://github.com/org/private-repo/archive/master.tar.gz#strip_components=1
$ buf check breaking --against-input https://github.com/org/private-repo.git#branch=master
SSH
Public key authentication can be used for remote git repositories over ssh. By default, Buf will
look for:
- A private key file with no passphrase at ~/.ssh/id_rsa.
- A known hosts file at either ~/.ssh/known_hosts or /etc/ssh/ssh_known_hosts.
The following environment variables can be used to customize these locations:
- BUF_INPUT_SSH_KEY_FILE - The path to the private key file.
- BUF_INPUT_SSH_KEY_PASSPHRASE - The passphrase for the private key.
- BUF_INPUT_SSH_KNOWN_HOSTS_FILES - A colon-separated list of known hosts file paths.
Assuming these default files exist or these environment variables are set up, you can call Buf as you normally would:
$ buf check lint --input ssh://g...@github.com/org/private-repo.git#branch=master
$ buf check breaking --against-input ssh://g...@github.com/org/private-repo.git#branch=master
Note that CI services such as CircleCI have a private key and known hosts file pre-installed, so
this should work out of the box.
HTTPS
Basic authentication can be specified for remote tarballs, git repositories, and image files over
https with the following environment variables:
- BUF_INPUT_HTTPS_USERNAME - The username. For GitHub, this is your GitHub user.
- BUF_INPUT_HTTPS_PASSWORD - The password. For GitHub, this is a personal access token for your GitHub User.
Assuming these environment variables are set up, you can call Buf as you normally would:
$ buf check lint --input https://github.com/org/private-repo.git#branch=master
$ buf check lint --input https://github.com/org/private-repo/archive/master.tar.gz#strip_components=1
$ buf check breaking --against-input https://github.com/org/private-repo.git#branch=master
SSH
Public key authentication can be used for remote git repositories over ssh. By default, Buf will
look for:
- A private key file with no passphrase at ~/.ssh/id_rsa.
- A known hosts file at either ~/.ssh/known_hosts or /etc/ssh/ssh_known_hosts.
The following environment variables can be used to customize these locations:
- BUF_INPUT_SSH_KEY_FILE - The path to the private key file.
- BUF_INPUT_SSH_KEY_PASSPHRASE - The passphrase for the private key.
- BUF_INPUT_SSH_KNOWN_HOSTS_FILES - A colon-separated list of known hosts file paths.
Assuming these default files exist or these environment variables are set up, you can call Buf as you normally would:
$ buf check lint --input ssh://g...@github.com/org/private-repo.git#branch=master
$ buf check breaking --against-input ssh://g...@github.com/org/private-repo.git#branch=master
Note that CI services such as CircleCI have a private key and known hosts file pre-installed, so
this should work out of the box.
The brew tap and documentation have also been updated, and the buf-example repository now uses SSH for CircleCI builds.
Reply all
Reply to author
Forward
0 new messages