From 28f1e5d1f8c18a35f8078497d12efb80dd6a804c Mon Sep 17 00:00:00 2001 From: Scott Walkinshaw Date: Fri, 22 Jul 2022 11:06:50 -0400 Subject: [PATCH 1/3] Improve composer authentications password handling Removes the validation to enforce `password` and sets the default to `""` which is quoted to ensure `composer` is properly passed `""` as the last argument value. --- roles/deploy/hooks/build-after.yml | 3 +-- roles/wordpress-install/tasks/composer-authentications.yml | 7 +++---- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/roles/deploy/hooks/build-after.yml b/roles/deploy/hooks/build-after.yml index 4c088f6452..8177ed270f 100644 --- a/roles/deploy/hooks/build-after.yml +++ b/roles/deploy/hooks/build-after.yml @@ -12,14 +12,13 @@ - name: Setup composer authentications composer: command: config - arguments: --auth http-basic.{{ composer_authentication.hostname }} {{ composer_authentication.username }} {{ composer_authentication.password }} + arguments: --auth http-basic.{{ composer_authentication.hostname }} {{ composer_authentication.username }} {{ composer_authentication.password | default("") | quote }} working_dir: "{{ deploy_helper.new_release_path }}" no_log: true changed_when: false when: - composer_authentication.hostname is defined and composer_authentication.hostname != "" - composer_authentication.username is defined and composer_authentication.username != "" - - composer_authentication.password is defined and composer_authentication.password != "" loop: "{{ composer_authentications | default([]) }}" loop_control: loop_var: composer_authentication diff --git a/roles/wordpress-install/tasks/composer-authentications.yml b/roles/wordpress-install/tasks/composer-authentications.yml index 2b2e8649e2..62a23df81a 100644 --- a/roles/wordpress-install/tasks/composer-authentications.yml +++ b/roles/wordpress-install/tasks/composer-authentications.yml @@ -2,14 +2,13 @@ - name: "Setup composer authentications - {{ site }}" composer: command: config - arguments: --auth http-basic.{{ composer_authentication.hostname }} {{ composer_authentication.username }} {{ composer_authentication.password }} + arguments: --auth http-basic.{{ composer_authentication.hostname }} {{ composer_authentication.username }} {{ composer_authentication.password | default("") | quote }} working_dir: "{{ working_dir }}" no_log: true changed_when: false when: - - not (not composer_authentication.hostname) - - not (not composer_authentication.username) - - not (not composer_authentication.password) + - composer_authentication.hostname is defined and composer_authentication.hostname != "" + - composer_authentication.username is defined and composer_authentication.username != "" loop: "{{ composer_authentications | default([]) }}" loop_control: loop_var: composer_authentication From 9458545874375980a0392495deb66d3424018d89 Mon Sep 17 00:00:00 2001 From: Scott Walkinshaw Date: Fri, 22 Jul 2022 11:08:54 -0400 Subject: [PATCH 2/3] Remove deprecated packagist token --- group_vars/all/helpers.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/group_vars/all/helpers.yml b/group_vars/all/helpers.yml index 1e56f5c083..10101a4da7 100644 --- a/group_vars/all/helpers.yml +++ b/group_vars/all/helpers.yml @@ -20,8 +20,4 @@ ssl_stapling_enabled: "{{ item.value.ssl is defined and item.value.ssl.stapling_ cron_enabled: "{{ site_env.disable_wp_cron and (not item.value.multisite.enabled | default(false) or (item.value.multisite.enabled | default(false) and item.value.multisite.cron | default(true))) }}" sites_use_ssl: "{{ wordpress_sites.values() | map(attribute='ssl') | selectattr('enabled') | list | count > 0 }}" -# For backward compatibility, to be removed in Trellis v2. -site_packagist_org_authentications: - - { hostname: repo.packagist.com, username: token, password: "{{ vault_wordpress_sites[site].packagist_token | default('') }}" } -site_composer_authentications: "{{ vault_wordpress_sites[site].composer_authentications | default([]) }}" -composer_authentications: "{{ site_packagist_org_authentications + site_composer_authentications }}" +composer_authentications: "{{ vault_wordpress_sites[site].composer_authentications | default([]) }}" From 7357bf31abcb1262a1840282689549bc7b09f28c Mon Sep 17 00:00:00 2001 From: Scott Walkinshaw Date: Fri, 22 Jul 2022 13:53:45 -0400 Subject: [PATCH 3/3] Quote username and hostname too Co-authored-by: Tang Rufus --- roles/deploy/hooks/build-after.yml | 2 +- roles/wordpress-install/tasks/composer-authentications.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/deploy/hooks/build-after.yml b/roles/deploy/hooks/build-after.yml index 8177ed270f..292ce23f75 100644 --- a/roles/deploy/hooks/build-after.yml +++ b/roles/deploy/hooks/build-after.yml @@ -12,7 +12,7 @@ - name: Setup composer authentications composer: command: config - arguments: --auth http-basic.{{ composer_authentication.hostname }} {{ composer_authentication.username }} {{ composer_authentication.password | default("") | quote }} + arguments: --auth http-basic.{{ composer_authentication.hostname | quote }} {{ composer_authentication.username | quote }} {{ composer_authentication.password | default("") | quote }} working_dir: "{{ deploy_helper.new_release_path }}" no_log: true changed_when: false diff --git a/roles/wordpress-install/tasks/composer-authentications.yml b/roles/wordpress-install/tasks/composer-authentications.yml index 62a23df81a..8ad265fe24 100644 --- a/roles/wordpress-install/tasks/composer-authentications.yml +++ b/roles/wordpress-install/tasks/composer-authentications.yml @@ -2,7 +2,7 @@ - name: "Setup composer authentications - {{ site }}" composer: command: config - arguments: --auth http-basic.{{ composer_authentication.hostname }} {{ composer_authentication.username }} {{ composer_authentication.password | default("") | quote }} + arguments: --auth http-basic.{{ composer_authentication.hostname | quote }} {{ composer_authentication.username | quote }} {{ composer_authentication.password | default("") | quote }} working_dir: "{{ working_dir }}" no_log: true changed_when: false