Make username optional for create secret git

Git authentication with basic auth doesn't necessarily require a username to be present. Signed-off-by: talife <gilletvincent@gmail.com> Signed-off-by: Max Jonas Werner <mail@makk.es>
2026-02-12 12:55:56 +00:00 · 2023-07-31 21:35:10 +08:00
parent 525bd21cd1
commit a6cb5930f8
4 changed files with 20 additions and 4 deletions
--- a/cmd/flux/create_secret_git.go
+++ b/cmd/flux/create_secret_git.go
@@ -153,13 +153,13 @@ func createSecretGitCmdRun(cmd *cobra.Command, args []string) error {
 		opts.ECDSACurve = secretGitArgs.ecdsaCurve.Curve
 		opts.Password = secretGitArgs.password
 	case "http", "https":
-		if (secretGitArgs.username == "" || secretGitArgs.password == "") && secretGitArgs.bearerToken == "" {
+		if secretGitArgs.password == "" && secretGitArgs.bearerToken == "" {
 			return fmt.Errorf("for Git over HTTP/S the username and password, or a bearer token is required")
 		}
 		opts.Username = secretGitArgs.username
 		opts.Password = secretGitArgs.password
 		opts.BearerToken = secretGitArgs.bearerToken
-		if secretGitArgs.username != "" && secretGitArgs.password != "" && secretGitArgs.bearerToken != "" {
+		if secretGitArgs.password != "" && secretGitArgs.bearerToken != "" {
 			return fmt.Errorf("user credentials and bearer token cannot be used together")
 		}
--- a/cmd/flux/create_secret_git_test.go
+++ b/cmd/flux/create_secret_git_test.go
@@ -56,6 +56,11 @@ func TestCreateGitSecret(t *testing.T) {
 			args:   "create secret git podinfo-auth --url=https://github.com/stefanprodan/podinfo --username=aaa --password=zzzz --bearer-token=aaaa --namespace=my-namespace --export",
 			assert: assertError("user credentials and bearer token cannot be used together"),
 		},
 		{
 			name:   "git authentication with basic auth consisting of only one password without a username",
 			args:   "create secret git podinfo-auth --url=https://github.com/stefanprodan/podinfo --password=my-password --namespace=my-namespace --export",
 			assert: assertGoldenFile("./testdata/create_secret/git/secret-git-only-pwd.yaml"),
 		},
 	}
 	for _, tt := range tests {
--- a/cmd/flux/testdata/create_secret/git/secret-git-only-pwd.yaml
+++ b/cmd/flux/testdata/create_secret/git/secret-git-only-pwd.yaml
@@ -0,0 +1,9 @@
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: podinfo-auth
  namespace: my-namespace
 stringData:
  password: my-password
--- a/pkg/manifestgen/sourcesecret/sourcesecret.go
+++ b/pkg/manifestgen/sourcesecret/sourcesecret.go
@@ -148,8 +148,10 @@ func buildSecret(keypair *ssh.KeyPair, hostKey, dockerCfg []byte, options Option
 		return
 	}
-	if options.Username != "" && options.Password != "" {
+	if options.Password != "" {
 		if options.Username != "" {
 			secret.StringData[UsernameSecretKey] = options.Username
 		}
 		secret.StringData[PasswordSecretKey] = options.Password
 	}
 	if options.BearerToken != "" {