Skip to content

SSH agent forwarding #65

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
fabiovincenzi wants to merge 425 commits into
base: denis-coric/ssh-flow
Choose a base branch
from
Open

SSH agent forwarding #65

fabiovincenzi wants to merge 425 commits into from

Conversation

@fabiovincenzi
Copy link
Collaborator

@fabiovincenzi fabiovincenzi commented Nov 20, 2025

No description provided.

renovate bot and others added 30 commits November 14, 2025 22:50
@renovate
fix(deps): update npm - - package.json
b75a830
@kriswest
Merge pull request finos#1252 from finos/renovate/manager
ac05f42 
fix(deps): update npm - - package.json
@jescalada
Merge branch 'main' into 1150-vitest-migration-from-service
d11c657
@jescalada
chore: fix dep issues
e845f1a
@renovate
chore(deps): update github-actions - workflows - .github/workflows/un…
0e5e439 
…used-dependencies.yml
@jescalada @kriswest
Update test/1.test.ts
b741bfb 
Co-authored-by: Kris West <kristopher.west@natwest.com>
Signed-off-by: Juan Escalada <97265671+jescalada@users.noreply.github.com>
@jescalada
chore: remove unnecessary logging in push actions and routes
a53eeef
@jescalada
Merge branch '1150-vitest-migration-from-service' of https://github.c…
d572df1 
…om/jescalada/git-proxy into 1150-vitest-migration-from-service
@jescalada
chore: remove/adjust tests based on console logs
890d583
@jescalada
Merge pull request finos#1279 from finos/renovate/workflows-manager
85e418f 
chore(deps): update github-actions - workflows - .github/workflows/unused-dependencies.yml
@renovate
fix(deps): update npm to v5 - - package.json
c299c6c
@jescalada
fix: repo mismatch issue on proxy start
6527ea7
@dgl
fix: drop dependency on jwk-to-pem by using native crypto
1ee2b91 
This replaces jwk-to-pem with simply using crypto.createPublicKey. This
further drops elliptic from the dependency tree, which has known
security issues (note this is mostly for hygiene as jwk-to-pem doesn't
use the vulnerable code paths, per
Brightspace/node-jwk-to-pem#187).
@jescalada
chore: fix potentially invalid repo project names in testProxyRoute t…
f3d9989 
…ests
@jescalada
chore: remove casting in ConfigLoader tests
5ae5c50
@jescalada @kriswest
Update test/generated-config.test.ts
37c922a 
Co-authored-by: Kris West <kristopher.west@natwest.com>
Signed-off-by: Juan Escalada <97265671+jescalada@users.noreply.github.com>
@jescalada @kriswest
Update test/generated-config.test.ts
a8aa410 
Co-authored-by: Kris West <kristopher.west@natwest.com>
Signed-off-by: Juan Escalada <97265671+jescalada@users.noreply.github.com>
@jescalada @kriswest
Update test/generated-config.test.ts
5327e28 
Co-authored-by: Kris West <kristopher.west@natwest.com>
Signed-off-by: Juan Escalada <97265671+jescalada@users.noreply.github.com>
@jescalada
Merge branch '1150-vitest-migration-from-service' of https://github.c…
9723c02 
…om/jescalada/git-proxy into 1150-vitest-migration-from-service
@jescalada
test: improve assertions in generated-config.test.ts
973fbaf
@jescalada
fix: set isEmailAllowed regex to case insensitive
c642e4d
@jescalada
chore: improve test assertions and cleanup
e7ffacb
@jescalada
test: simplify scanDiff tests with generateDiffStep helper
b06d61e
@jescalada @kriswest
Update test/testParseAction.test.ts
119bd8b 
Co-authored-by: Kris West <kristopher.west@natwest.com>
Signed-off-by: Juan Escalada <97265671+jescalada@users.noreply.github.com>
@jescalada @kriswest
Update test/testDb.test.ts
a4809b4 
Co-authored-by: Kris West <kristopher.west@natwest.com>
Signed-off-by: Juan Escalada <97265671+jescalada@users.noreply.github.com>
@jescalada @kriswest
Update test/testCheckUserPushPermission.test.ts
e69c4d6 
Co-authored-by: Kris West <kristopher.west@natwest.com>
Signed-off-by: Juan Escalada <97265671+jescalada@users.noreply.github.com>
@jescalada
test: rename auth routes tests and add new cases for status codes
594b8aa
@jescalada
Merge branch '1150-vitest-migration-from-service' of https://github.c…
5ada78a 
…om/jescalada/git-proxy into 1150-vitest-migration-from-service
@jescalada
chore: testActiveDirectoryAuth cleanup, remove old test packages from…
1334689 
… cli
@fabiovincenzi
refactor(ssh): add PktLineParser and base function to eliminate code …
51a4a35 
…duplication in GitProtocol
fabiovincenzi and others added 30 commits December 29, 2025 11:15
@fabiovincenzi
test: add tests for ssh agent implementation
5223dc5
@fabiovincenzi
refactor(ssh): extract SSH helpers and expand pullRemote tests
27314f8
@fabiovincenzi
test(ssh): add host key verification tests
29647a0
@fabiovincenzi
Merge branch 'main' into ssh-agent-on-pr987
239f7a2
@fabiovincenzi
refactor: remove import meta
3fe3545
@fabiovincenzi
Merge branch 'ssh-agent-on-pr987' of https://github.com/fabiovincenzi…
ed4c2a6 
…/git-proxy into ssh-agent-on-pr987
@fabiovincenzi
test: add test for server.ts
5de929d
@fabiovincenzi
ci: allow LicenseRef-scancode-dco-1.1 license in dependency review
c2cd33e
@coopernetes
feat: e2e tests using docker compose
5dc9159
@coopernetes
fix: e2e tests run in CI, pin e2e workflow deps
c5050c7 
- Remove verbose logging from Dockerfile
- pin dependent actions in new e2e workflow to their respective commits
- refactor the tests to work slightly more robustly (handle creds, etc)
@coopernetes
fix: update repo API test
060edb2
@coopernetes
feat: add git packet capture wrapper to localgit, docs + Dockerfile e…
1396cfb 
…nhancements
@sidshas03 @coopernetes
fix: remove obsolete version field from docker-compose.yml
3beeb45 
- Removed the obsolete 'version: 3.7' field from docker-compose.yml
- This fixes the warning about the version field being obsolete in newer Docker Compose versions
- The e2e tests now run without warnings
@sidshas03 @coopernetes
fix: resolve Cypress e2e test issues
74fac6e 
- Fix OIDC configuration syntax errors
- Update Cypress baseUrl to use correct port (8080)
- Fix CI workflow to use correct port and remove & from start command
- Ensure frontend is built before running tests
- CSRF protection already properly disabled in test environment

Cypress tests now pass:
- autoApproved.cy.js: 1/1 passing
- login.cy.js: 8/8 passing
- repo.cy.js: failing due to rate limiting (separate issue)

This resolves the main issues mentioned in the failing job:
- CSRF Token Missing Errors: Fixed by proper test environment config
- Shell Script Syntax Error: Fixed by removing & from start command
- Unknown Authentication Strategy: Fixed OIDC syntax errors
- Route Not Hit: Fixed by building frontend and using correct port
@sidshas03 @coopernetes
fix: resolve remaining Cypress CI issues
cc6f0a7 
- Fix CSRF protection by setting NODE_ENV=test in CI
- Fix OIDC strategy by checking enabled flag before configuration
- Fix port configuration by using correct server port (8080)
- Add start:ci script to run server only (not dev client)
- Set CYPRESS_BASE_URL environment variable for consistency

This should resolve:
- CSRF token missing errors in CI
- Unknown authentication strategy errors
- Port mismatch issues (3000 vs 8080)
- Shell script syntax errors with & character
@coopernetes
fix: cypress tests, runtime cfg for apiBaseUrl + approved push e2e test
8876fa0
@coopernetes
fix: remove dead code, formatting
25d404a
@coopernetes
fix: update new tests to new vitest
d3f7b9d
@coopernetes
chore: remove old apiBase code
0e27447
@coopernetes
feat: remove http, resolve conflicts
f90cc7f
@coopernetes
chore: revert cypress test changes
2b5125e
@coopernetes
chore: merge ui changes with new baseUrl function
2bcbe98
@coopernetes
revert unused files and http support
4674c9d
@coopernetes
Merge pull request finos#1165 from RBC/e2e-testing
ecd6161
@fabiovincenzi
docs: reorganize SSH documentation for better user experience
8bb5282
@fabiovincenzi
Merge branch 'main' into ssh-agent-on-pr987
b2973db 
Signed-off-by: Fabio Vincenzi <93596376+fabiovincenzi@users.noreply.github.com>
@fabiovincenzi
fix(ui): migrate ssh service from deprecated apiBase to apiConfig
0b0a020
@jescalada
chore: remove unused NPM auth token and flags
bfff0f7
@jescalada
Merge pull request finos#1351 from jescalada/1334-npm-release-authent…
c655f05 
…ication-fix

chore: remove unused NPM auth token and flags
@fabiovincenzi
Merge branch 'main' into ssh-agent-on-pr987
ae77132
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dcoric dcoric dcoric left review comments

@jescalada jescalada jescalada requested changes

+1 more reviewer

@dgl dgl dgl left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

9 participants

@fabiovincenzi @dgl @dcoric @jescalada @kriswest @tabathad @coopernetes @andypols @sidshas03