feat: support auth for gitlab private repository #9044
Conversation
|
| @@ -163,6 +163,9 @@ export abstract class AppUpdater extends (EventEmitter as new () => TypedEmitter | |||
| addAuthHeader(token: string) { | |||
| this.requestHeaders = Object.assign({}, this.requestHeaders, { | |||
| authorization: token, | |||
|
|
|||
| // for gitlab private token | |||
| "PRIVATE-TOKEN": token, | |||
There was a problem hiding this comment.
This would apply to all updater configs and could maybe cause a request rejection due to unknown header?
I'd be more comfortable if this were applied elsewhere by detecting if the url contains gitlab.com/api OR atleast make it conditionally applied within addAuthHeader
There was a problem hiding this comment.
First, thank you for your review!
Actually, I am not an expert in this area, but I tried to send such a header to gitlab and it worked. I also think that different headers should be sent for different types of URLs, but I don’t know the history of this code, so for safety, I added it in this way.
There was a problem hiding this comment.
If send headers for different types of URL sources, may encounter a challenge. That is, the developer may have his own gitlab server, match by the URL may not support?
(sorry, this is google translate..., my english is not good)
There was a problem hiding this comment.
Out of curiosity, why do we need to open up a helper method when this approach already works?
autoUpdater.requestHeaders = {"PRIVATE-TOKEN": "your-gitlab-token"};
Wondering if it's easier to just add documentation to the docs site on Gitlab integration.
How are you currently uploading the releases? If we were to take it one step further, we could add an official GitlabProvider by extending GenericProvider since it seems only a few changes are needed to support it?
Just would need links to the docs for also creating an GitlabPublisher for uploading and deleting a release
There was a problem hiding this comment.
When I first integrated electron-updater with a private GitLab repository, I was also confused by the helper method addAuthHeader(token) because it didn’t work as expected. Eventually, after checking the source code, I found that it was sending the wrong header. For GitLab developers, I think this helper method is actually misleading.
There was a problem hiding this comment.
Also, this is the way I publish the release: #9043 (comment)
implementation for #9043.
I added a
PRIVATE-TOKENfield in the implementation of the addAuthHeader(token) method in the electron-updater package to make it work with GitLab.Reference
https://github.com/Thibaut-Mouton/react-electron-autoupdate-with-gitlab