Skip to content

Commit

Permalink
Clear all possible token env vars for token accessor test. (ossf#3347)
Browse files Browse the repository at this point in the history
Signed-off-by: Spencer Schrock <[email protected]>
  • Loading branch information
spencerschrock authored Aug 4, 2023
1 parent b1f3519 commit f30ff23
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 7 deletions.
8 changes: 5 additions & 3 deletions clients/githubrepo/roundtripper/tokens/accessor.go
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,9 @@ import (
// githubAuthServer is the RPC URL for the token server.
const githubAuthServer = "GITHUB_AUTH_SERVER"

// env variables from which GitHub auth tokens are read, in order of precedence.
var githubAuthTokenEnvVars = []string{"GITHUB_AUTH_TOKEN", "GITHUB_TOKEN", "GH_TOKEN", "GH_AUTH_TOKEN"}

// TokenAccessor interface defines a `retrieve-once` data structure.
// Implementations of this interface must be thread-safe.
type TokenAccessor interface {
Expand All @@ -31,8 +34,7 @@ type TokenAccessor interface {
}

func readGitHubTokens() (string, bool) {
githubAuthTokens := []string{"GITHUB_AUTH_TOKEN", "GITHUB_TOKEN", "GH_TOKEN", "GH_AUTH_TOKEN"}
for _, name := range githubAuthTokens {
for _, name := range githubAuthTokenEnvVars {
if token, exists := os.LookupEnv(name); exists && token != "" {
return token, exists
}
Expand All @@ -45,7 +47,7 @@ func MakeTokenAccessor() TokenAccessor {
if value, exists := readGitHubTokens(); exists {
return makeRoundRobinAccessor(strings.Split(value, ","))
}
if value, exists := os.LookupEnv(githubAuthServer); exists {
if value, exists := os.LookupEnv(githubAuthServer); exists && value != "" {
return makeRPCAccessor(value)
}
return nil
Expand Down
9 changes: 5 additions & 4 deletions clients/githubrepo/roundtripper/tokens/accessor_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -40,16 +40,17 @@ func TestMakeTokenAccessor(t *testing.T) {
useServer: true,
},
}
t.Setenv("GITHUB_AUTH_TOKEN", "")
t.Setenv("GITHUB_TOKEN", "")
// clear all env variables devs may have defined, or the test will fail locally
for _, envVar := range githubAuthTokenEnvVars {
t.Setenv(envVar, "")
}
t.Setenv(githubAuthServer, "")
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
switch {
case tt.useGitHubToken:
t.Helper()
testToken(t)
case tt.useServer:
t.Helper()
testServer(t)
default:
got := MakeTokenAccessor()
Expand Down

0 comments on commit f30ff23

Please sign in to comment.