internal INuGetFeed HandleFeed(SecretKeyStore keyStore, string url, string name, SimpleCredentials creds)
{
Debug.Assert(_feed == null && url.Equals(Url, StringComparison.OrdinalIgnoreCase));
if (creds.IsSecretKeyName)
{
keyStore.DeclareSecretKey(creds.PasswordOrSecretKeyName, (s) => "PAT Used to authenticate CKli to the feeds, and retrieve informations about NuGet packages");
}
return(_feed = new ReadFeed(this, name, creds));
}
internal INuGetFeed HandleFeed(SecretKeyStore keyStore, string url, string name, SimpleCredentials creds)
{
Debug.Assert(_feed == null && url.Equals(Url, StringComparison.OrdinalIgnoreCase));
if (creds?.IsSecretKeyName == true)
{
keyStore.DeclareSecretKey(creds.PasswordOrSecretKeyName, current => current?.Description
?? $"Used to enable CKli to retrieve informations about NuGet packages from feed '{name}' and to configure NuGet.config file.");
}
return(_feed = new ReadFeed(this, name, creds));
}
void OnSolutionConfiguration(object sender, SolutionConfigurationEventArgs e)
{
// These values are not build secrets. They are required by ApplySettings to configure
// the NuGet.config file: once done, restore can be made and having these keys available
// as environement variables will not help.
var creds = e.Solution.ArtifactSources.OfType <INuGetFeed>()
.Where(s => s.Credentials != null && s.Credentials.IsSecretKeyName)
.Select(s => s.Credentials.PasswordOrSecretKeyName);
foreach (var c in creds)
{
_secretStore.DeclareSecretKey(c, current => current?.Description ?? "Needed to configure NuGet.config file.");
}
}
public CKSetupStore(
SecretKeyStore keyStore,
HttpClient sharedHttpClient,
Uri url,
string name)
{
_sharedHttpClient = sharedHttpClient;
_keyStore = keyStore;
Url = url;
Name = name;
SecretKeyName = name != "Public"
? $"CKSETUPREMOTESTORE_{name.ToUpperInvariant()}_PUSH_API_KEY"
: "CKSETUPREMOTESTORE_PUSH_API_KEY";
UniqueRepositoryName = CKSetupClient.CKSetupType.Name + ':' + name;
_keyStore.DeclareSecretKey(SecretKeyName, current => current?.Description ?? $"Required to push to '{UniqueRepositoryName}'.");
}
public CodeCakeBuilderKeyVaultFile(
CodeCakeBuilderFolder f,
SolutionDriver driver,
SolutionSpec solutionSpec,
SecretKeyStore secretStore,
SharedWorldState sharedState,
NormalizedPath branchPath)
: base(f.GitFolder, branchPath, f.FolderPath.AppendPart("CodeCakeBuilderKeyVault.txt"))
{
_f = f;
_driver = driver;
_secretStore = secretStore;
_sharedState = sharedState;
_solutionSpec = solutionSpec;
_secretStore.DeclareSecretKey(SolutionDriver.CODECAKEBUILDER_SECRET_KEY, current => current?.Description
?? $"Allows update of CodeCakeBuilderKeyVault.txt used by CI/CD processes. This secret must be managed only by people that have access to the CI/CD processes and their configuration.");
}