From 12816aacd39287d870679a57ff7c0c71eecb6f8c Mon Sep 17 00:00:00 2001 From: Michael Grupp Date: Thu, 5 Apr 2018 10:30:35 +0200 Subject: [PATCH] Pass GitHub access token to Dockerfile. (#787) --- .travis.yml | 6 ++++-- Dockerfile.indigo | 5 ++++- Dockerfile.kinetic | 5 ++++- Dockerfile.lunar | 5 ++++- scripts/check_access_token.sh | 22 ++++++++++++++++++++++ 5 files changed, 38 insertions(+), 5 deletions(-) create mode 100755 scripts/check_access_token.sh diff --git a/.travis.yml b/.travis.yml index b524ecc..aff41db 100644 --- a/.travis.yml +++ b/.travis.yml @@ -26,9 +26,11 @@ env: - ROS_RELEASE=kinetic DOCKER_CACHE_FILE=/home/travis/docker/kinetic-cache.tar.gz - ROS_RELEASE=lunar DOCKER_CACHE_FILE=/home/travis/docker/lunar-cache.tar.gz -before_install: scripts/load_docker_cache.sh +before_install: + - scripts/check_access_token.sh $GITHUB_TOKEN + - scripts/load_docker_cache.sh install: true script: - - docker build ${TRAVIS_BUILD_DIR} -t cartographer_ros:${ROS_RELEASE} -f Dockerfile.${ROS_RELEASE} + - docker build ${TRAVIS_BUILD_DIR} -t cartographer_ros:${ROS_RELEASE} -f Dockerfile.${ROS_RELEASE} --build-arg github_token=${GITHUB_TOKEN} - scripts/save_docker_cache.sh diff --git a/Dockerfile.indigo b/Dockerfile.indigo index 52b1777..2ea9ed6 100644 --- a/Dockerfile.indigo +++ b/Dockerfile.indigo @@ -16,10 +16,13 @@ FROM ros:indigo ARG CARTOGRAPHER_VERSION=master +# We require a GitHub access token to be passed. +ARG github_token + # First, we invalidate the entire cache if googlecartographer/cartographer has # changed. This file's content changes whenever master changes. See: # http://stackoverflow.com/questions/36996046/how-to-prevent-dockerfile-caching-git-clone -ADD https://api.github.com/repos/googlecartographer/cartographer/git/refs/heads/master \ +ADD https://api.github.com/repos/googlecartographer/cartographer/git/refs/heads/master?access_token=$github_token \ cartographer_ros/cartographer_version.json # wstool needs the updated rosinstall file to clone the correct repos. diff --git a/Dockerfile.kinetic b/Dockerfile.kinetic index 0da1a97..d7a26c3 100644 --- a/Dockerfile.kinetic +++ b/Dockerfile.kinetic @@ -16,13 +16,16 @@ FROM ros:kinetic ARG CARTOGRAPHER_VERSION=master +# We require a GitHub access token to be passed. +ARG github_token + # Xenial's base image doesn't ship with sudo. RUN apt-get update && apt-get install -y sudo && rm -rf /var/lib/apt/lists/* # First, we invalidate the entire cache if googlecartographer/cartographer has # changed. This file's content changes whenever master changes. See: # http://stackoverflow.com/questions/36996046/how-to-prevent-dockerfile-caching-git-clone -ADD https://api.github.com/repos/googlecartographer/cartographer/git/refs/heads/master \ +ADD https://api.github.com/repos/googlecartographer/cartographer/git/refs/heads/master?access_token=$github_token \ cartographer_ros/cartographer_version.json # wstool needs the updated rosinstall file to clone the correct repos. diff --git a/Dockerfile.lunar b/Dockerfile.lunar index 344b17e..f5af22a 100644 --- a/Dockerfile.lunar +++ b/Dockerfile.lunar @@ -16,13 +16,16 @@ FROM ros:lunar ARG CARTOGRAPHER_VERSION=master +# We require a GitHub access token to be passed. +ARG github_token + # Xenial's base image doesn't ship with sudo. RUN apt-get update && apt-get install -y sudo && rm -rf /var/lib/apt/lists/* # First, we invalidate the entire cache if googlecartographer/cartographer has # changed. This file's content changes whenever master changes. See: # http://stackoverflow.com/questions/36996046/how-to-prevent-dockerfile-caching-git-clone -ADD https://api.github.com/repos/googlecartographer/cartographer/git/refs/heads/master \ +ADD https://api.github.com/repos/googlecartographer/cartographer/git/refs/heads/master?access_token=$github_token \ cartographer_ros/cartographer_version.json # wstool needs the updated rosinstall file to clone the correct repos. diff --git a/scripts/check_access_token.sh b/scripts/check_access_token.sh new file mode 100755 index 0000000..da82968 --- /dev/null +++ b/scripts/check_access_token.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +# Usage: ./check_access_token.sh ACCESS_TOKEN +# Returns non-zero exit code if ACCESS_TOKEN is invalid. + +if [ "$#" -ne 1 ]; then + echo "Please provide an access token to $0" 1>&2 + exit 1 +fi +token=$1 + +set -e +function on_error { + echo "Failed to validate GitHub access token!" 1>&2 + exit 1 +} +trap on_error ERR + +test_response=$(curl -s https://api.github.com/?access_token=${token}) + +echo $test_response | grep -ivq "bad credentials" +echo $"GitHub access token is valid."