From patchwork Fri Mar 7 12:00:51 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Leonard_G=C3=B6hrs?= X-Patchwork-Id: 58463 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id BFEB9C19F32 for ; Fri, 7 Mar 2025 12:01:08 +0000 (UTC) Received: from metis.whiteo.stw.pengutronix.de (metis.whiteo.stw.pengutronix.de [185.203.201.7]) by mx.groups.io with SMTP id smtpd.web10.9450.1741348863500254614 for ; Fri, 07 Mar 2025 04:01:04 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: pengutronix.de, ip: 185.203.201.7, mailfrom: lgo@pengutronix.de) Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1tqWNx-0006hJ-R2; Fri, 07 Mar 2025 13:01:01 +0100 Received: from dude03.red.stw.pengutronix.de ([2a0a:edc0:0:1101:1d::39]) by drehscheibe.grey.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tqWNw-004Tku-2g; Fri, 07 Mar 2025 13:01:00 +0100 Received: from lgo by dude03.red.stw.pengutronix.de with local (Exim 4.96) (envelope-from ) id 1tqWNw-0088rj-2T; Fri, 07 Mar 2025 13:01:00 +0100 From: =?utf-8?q?Leonard_G=C3=B6hrs?= To: bitbake-devel@lists.openembedded.org Cc: docs@lists.yoctoproject.org, yocto@pengutronix.de, =?utf-8?q?Leonard_G?= =?utf-8?q?=C3=B6hrs?= Subject: [PATCH v3 1/5] fetch2/wget: enable classes derived from Wget to set custom http headers Date: Fri, 7 Mar 2025 13:00:51 +0100 Message-Id: <20250307120055.1816436-2-l.goehrs@pengutronix.de> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250307120055.1816436-1-l.goehrs@pengutronix.de> References: <20250307120055.1816436-1-l.goehrs@pengutronix.de> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a0a:edc0:0:c01:1d::a2 X-SA-Exim-Mail-From: lgo@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: bitbake-devel@lists.openembedded.org List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 07 Mar 2025 12:01:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/bitbake-devel/message/17406 This allows derived fetchers to e.g. set a `Authorization: Bearer ...` header for token based authentication, or `Accept:` headers to restrict which file type the fetcher expects. Signed-off-by: Leonard Göhrs --- lib/bb/fetch2/wget.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/bb/fetch2/wget.py b/lib/bb/fetch2/wget.py index 6cb728ab4..e13730b48 100644 --- a/lib/bb/fetch2/wget.py +++ b/lib/bb/fetch2/wget.py @@ -121,6 +121,9 @@ class Wget(FetchMethod): # Authorization header. fetchcmd += " --user=%s --password=%s" % (ud.user, ud.pswd) + for key, value in getattr(ud, "http_headers", {}).items(): + fetchcmd += " --header='%s: %s'" % (key, value) + uri = ud.url.split(";")[0] if os.path.exists(ud.localpath): # file exists, but we didnt complete it.. trying again.. @@ -394,6 +397,9 @@ class Wget(FetchMethod): if ud.user and ud.pswd: add_basic_auth(ud.user + ':' + ud.pswd, r) + for key, value in getattr(ud, "http_headers", {}).items(): + r.add_header(key, value) + try: import netrc auth_data = netrc.netrc().authenticators(urllib.parse.urlparse(uri).hostname) From patchwork Fri Mar 7 12:00:52 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Leonard_G=C3=B6hrs?= X-Patchwork-Id: 58464 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C2620C28B23 for ; Fri, 7 Mar 2025 12:01:08 +0000 (UTC) Received: from metis.whiteo.stw.pengutronix.de (metis.whiteo.stw.pengutronix.de [185.203.201.7]) by mx.groups.io with SMTP id smtpd.web11.9300.1741348863463987431 for ; Fri, 07 Mar 2025 04:01:04 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: pengutronix.de, ip: 185.203.201.7, mailfrom: lgo@pengutronix.de) Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1tqWNx-0006hK-R3; Fri, 07 Mar 2025 13:01:01 +0100 Received: from dude03.red.stw.pengutronix.de ([2a0a:edc0:0:1101:1d::39]) by drehscheibe.grey.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tqWNw-004Tkv-2i; Fri, 07 Mar 2025 13:01:00 +0100 Received: from lgo by dude03.red.stw.pengutronix.de with local (Exim 4.96) (envelope-from ) id 1tqWNw-0088rp-2X; Fri, 07 Mar 2025 13:01:00 +0100 From: =?utf-8?q?Leonard_G=C3=B6hrs?= To: bitbake-devel@lists.openembedded.org Cc: docs@lists.yoctoproject.org, yocto@pengutronix.de, =?utf-8?q?Leonard_G?= =?utf-8?q?=C3=B6hrs?= Subject: [PATCH v3 2/5] fetch2/github_release_artifact: fetcher for (private) release artifacts Date: Fri, 7 Mar 2025 13:00:52 +0100 Message-Id: <20250307120055.1816436-3-l.goehrs@pengutronix.de> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250307120055.1816436-1-l.goehrs@pengutronix.de> References: <20250307120055.1816436-1-l.goehrs@pengutronix.de> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a0a:edc0:0:c01:1d::a2 X-SA-Exim-Mail-From: lgo@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: bitbake-devel@lists.openembedded.org List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 07 Mar 2025 12:01:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/bitbake-devel/message/17401 This fetcher enables downloading artifacts attached to GitHub releases in _private repositories_ (public repositories can just use download URLs like `https://github.com/rauc/rauc/releases/download/v1.13/rauc-1.13.tar.xz` which work without authentication). The `SRC_URI` includes the Github account and repository (`rauc/rauc`), git tag of the release (`v1.13`) and the name of the artifact file (`rauc-1.13.tar.xz`): SRC_URI = "ghra://github.com/rauc/rauc/v1.13/rauc-1.13.tar.xz" SRC_URI[sha256sum] = "1ddb218a5d713c8dbd6e04d5501d96629f1c8e252157... Authentication is provided using tokens, for example by configuring them in the `local.conf`¹: $ grep TOKEN build/conf/local.conf BB_FETCH_GHRA_TOKEN = "github_pat_123456789abc... The token may also be provided using an environment variable, e.g. for CI builds: $ export BB_ENV_PASSTHROUGH_ADDITIONS="BB_FETCH_GHRA_TOKEN" $ export BB_FETCH_GHRA_TOKEN="github_pat_123456789abc... $ bitbake rauc or by setting `BB_FETCH_GHRA_TOKEN` inside the recipe: BB_FETCH_GHRA_TOKEN = "github_pat_123456789abc... SRC_URI = "ghra://github.com/rauc/rauc/v1.13/rauc-1.13.tar.xz" SRC_URI[sha256sum] = "1ddb218a5d713c8dbd6e04d5501d96629f1c8e252157... ¹ Note: When using a personal access token, it should be restricted in scope to only allow downloading of release artifacts for the required repositories. Signed-off-by: Leonard Göhrs --- lib/bb/fetch2/__init__.py | 4 +- lib/bb/fetch2/github_release_artifact.py | 91 ++++++++++++++++++++++++ 2 files changed, 94 insertions(+), 1 deletion(-) create mode 100644 lib/bb/fetch2/github_release_artifact.py diff --git a/lib/bb/fetch2/__init__.py b/lib/bb/fetch2/__init__.py index 93fe012ec..0cecb0ec9 100644 --- a/lib/bb/fetch2/__init__.py +++ b/lib/bb/fetch2/__init__.py @@ -1292,7 +1292,7 @@ class FetchData(object): elif checksum_plain_name in self.parm: checksum_expected = self.parm[checksum_plain_name] checksum_name = checksum_plain_name - elif self.type not in ["http", "https", "ftp", "ftps", "sftp", "s3", "az", "crate", "gs", "gomod", "npm"]: + elif self.type not in ["http", "https", "ftp", "ftps", "sftp", "s3", "az", "crate", "gs", "gomod", "npm", "ghra"]: checksum_expected = None else: checksum_expected = d.getVarFlag("SRC_URI", checksum_name) @@ -2068,6 +2068,7 @@ from . import az from . import crate from . import gcp from . import gomod +from . import github_release_artifact methods.append(local.Local()) methods.append(wget.Wget()) @@ -2092,3 +2093,4 @@ methods.append(crate.Crate()) methods.append(gcp.GCP()) methods.append(gomod.GoMod()) methods.append(gomod.GoModGit()) +methods.append(github_release_artifact.GitHubReleaseArtifact()) diff --git a/lib/bb/fetch2/github_release_artifact.py b/lib/bb/fetch2/github_release_artifact.py new file mode 100644 index 000000000..9b3d39187 --- /dev/null +++ b/lib/bb/fetch2/github_release_artifact.py @@ -0,0 +1,91 @@ +""" +BitBake 'Fetch' GitHub release artifacts implementation + +""" + +# Copyright (C) 2025 Leonard Göhrs +# +# Based on bb.fetch2.wget: +# Copyright (C) 2003, 2004 Chris Larson +# +# SPDX-License-Identifier: GPL-2.0-only +# +# Based on functions from the base bb module, Copyright 2003 Holger Schurig + +import json + +from urllib.request import urlopen, Request + +from bb.fetch2 import FetchError +from bb.fetch2.wget import Wget + + +class GitHubReleaseArtifact(Wget): + API_HEADERS = { + "Accept": "application/vnd.github+json", + "X-GitHub-Api-Version": "2022-11-28", + } + + DOWNLOAD_HEADERS = { + "Accept": "application/octet-stream" + } + + def supports(self, ud, d): + return ud.type in ["ghra"] + + def _resolve_artifact_url(self, ud, d): + """Resolve `ghra://` pseudo URLs to `https://` URLs and set auth header. + + This method resolved URLs like `ghra://github.com/rauc/rauc/v1.13/rauc-1.13.tar.xz` + to a backing URL like `https://api.github.com/repos/rauc/rauc/releases/assets/222455085` + while optionally setting the required authentication headers to download from + private repositories. + """ + + try: + user, repo, tag, asset_name = ud.path.strip("/").split("/") + except ValueError as e: + raise FetchError( + f"Expected path like '////', got: '{ud.path}'" + ) from e + + meta_url = f"https://api.{ud.host}/repos/{user}/{repo}/releases/tags/{tag}" + + auth_headers = {} + + token = d.getVar("BB_FETCH_GHRA_TOKEN") + + if token is not None: + auth_headers["Authorization"] = f"Bearer {token}" + + try: + headers = dict(**auth_headers, **self.API_HEADERS) + req = Request(url=meta_url, headers=headers) + with urlopen(req) as resp: + result = json.load(resp) + + except Exception as e: + raise FetchError(f"Error downloading artifact list: {e}") from e + + asset_urls = dict((asset["name"], asset["url"]) for asset in result["assets"]) + + if asset_name not in asset_urls: + asset_list = ", ".join(asset_urls.keys()) + raise FetchError( + f"Did not find asset '{asset_name}' in release asset list: {asset_list}" + ) + + # Override the `url` and `http_headers` in the FetchData object, + # enabling the Wget class to perform the actual downloading. + ud.url = asset_urls[asset_name] + ud.http_headers = dict(**auth_headers, **self.DOWNLOAD_HEADERS) + + def checkstatus(self, fetch, ud, d): + self._resolve_artifact_url(ud, d) + + return super().checkstatus(fetch, ud, d) + + def download(self, ud, d): + self._resolve_artifact_url(ud, d) + + return super().download(ud, d) From patchwork Fri Mar 7 12:00:53 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Leonard_G=C3=B6hrs?= X-Patchwork-Id: 58466 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1D619C28B30 for ; Fri, 7 Mar 2025 12:01:09 +0000 (UTC) Received: from metis.whiteo.stw.pengutronix.de (metis.whiteo.stw.pengutronix.de [185.203.201.7]) by mx.groups.io with SMTP id smtpd.web10.9451.1741348863511044963 for ; Fri, 07 Mar 2025 04:01:04 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: pengutronix.de, ip: 185.203.201.7, mailfrom: lgo@pengutronix.de) Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1tqWNx-0006hL-R1; Fri, 07 Mar 2025 13:01:01 +0100 Received: from dude03.red.stw.pengutronix.de ([2a0a:edc0:0:1101:1d::39]) by drehscheibe.grey.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tqWNw-004Tkw-2m; Fri, 07 Mar 2025 13:01:00 +0100 Received: from lgo by dude03.red.stw.pengutronix.de with local (Exim 4.96) (envelope-from ) id 1tqWNw-0088rt-2a; Fri, 07 Mar 2025 13:01:00 +0100 From: =?utf-8?q?Leonard_G=C3=B6hrs?= To: bitbake-devel@lists.openembedded.org Cc: docs@lists.yoctoproject.org, yocto@pengutronix.de, =?utf-8?q?Leonard_G?= =?utf-8?q?=C3=B6hrs?= Subject: [PATCH v3 3/5] tests: fetch: add download test for the GitHub release artifact fetcher Date: Fri, 7 Mar 2025 13:00:53 +0100 Message-Id: <20250307120055.1816436-4-l.goehrs@pengutronix.de> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250307120055.1816436-1-l.goehrs@pengutronix.de> References: <20250307120055.1816436-1-l.goehrs@pengutronix.de> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a0a:edc0:0:c01:1d::a2 X-SA-Exim-Mail-From: lgo@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: bitbake-devel@lists.openembedded.org List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 07 Mar 2025 12:01:09 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/bitbake-devel/message/17404 The fetcher is mostly intended to work with release artifacts for _private_ GitHub repositories, which require authentication in the form of a token. Release artifacts for public repositories can simply be downloaded using the normal wget fetcher using a public and stable URL. The tests use a public repository anyways because it would otherwise have to contain a GitHub token that is supposed to be kept secret. The `tslib` release referenced in the test is used because it is already used by another test. Signed-off-by: Leonard Göhrs --- lib/bb/tests/fetch.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/lib/bb/tests/fetch.py b/lib/bb/tests/fetch.py index c19180aaf..517894881 100644 --- a/lib/bb/tests/fetch.py +++ b/lib/bb/tests/fetch.py @@ -1276,6 +1276,18 @@ class FetcherNetworkTest(FetcherTest): with self.assertRaises(bb.fetch2.FetchError): fetcher.download() + @skipIfNoNetwork() + def test_github_release_artifact(self): + fetcher = bb.fetch.Fetch(["ghra://github.com/kergoth/tslib/1.1/tslib-1.1.tar.xz;sha256sum=fe35e5f710ea933b118f710e2ce4403ac076fe69926b570333867d4de082a51c"], self.d) + fetcher.download() + self.assertEqual(os.path.getsize(self.dldir + "/tslib-1.1.tar.xz"), 238184) + self.d.setVar("BB_NO_NETWORK", "1") + fetcher = bb.fetch.Fetch(["ghra://github.com/kergoth/tslib/1.1/tslib-1.1.tar.xz;sha256sum=fe35e5f710ea933b118f710e2ce4403ac076fe69926b570333867d4de082a51c"], self.d) + fetcher.download() + fetcher.unpack(self.unpackdir) + self.assertEqual(len(os.listdir(self.unpackdir + "/tslib-1.1/")), 29) + + class SVNTest(FetcherTest): def skipIfNoSvn(): import shutil From patchwork Fri Mar 7 12:00:54 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Leonard_G=C3=B6hrs?= X-Patchwork-Id: 58462 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C125DC282DE for ; Fri, 7 Mar 2025 12:01:08 +0000 (UTC) Received: from metis.whiteo.stw.pengutronix.de (metis.whiteo.stw.pengutronix.de [185.203.201.7]) by mx.groups.io with SMTP id smtpd.web10.9453.1741348863520494091 for ; Fri, 07 Mar 2025 04:01:04 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: pengutronix.de, ip: 185.203.201.7, mailfrom: lgo@pengutronix.de) Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1tqWNx-0006hM-R1; Fri, 07 Mar 2025 13:01:01 +0100 Received: from dude03.red.stw.pengutronix.de ([2a0a:edc0:0:1101:1d::39]) by drehscheibe.grey.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tqWNw-004Tkx-2s; Fri, 07 Mar 2025 13:01:00 +0100 Received: from lgo by dude03.red.stw.pengutronix.de with local (Exim 4.96) (envelope-from ) id 1tqWNw-0088ry-2e; Fri, 07 Mar 2025 13:01:00 +0100 From: =?utf-8?q?Leonard_G=C3=B6hrs?= To: bitbake-devel@lists.openembedded.org Cc: docs@lists.yoctoproject.org, yocto@pengutronix.de, =?utf-8?q?Leonard_G?= =?utf-8?q?=C3=B6hrs?= Subject: [PATCH v3 4/5] tests: fetch: add status test for the GitHub release artifact fetcher Date: Fri, 7 Mar 2025 13:00:54 +0100 Message-Id: <20250307120055.1816436-5-l.goehrs@pengutronix.de> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250307120055.1816436-1-l.goehrs@pengutronix.de> References: <20250307120055.1816436-1-l.goehrs@pengutronix.de> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a0a:edc0:0:c01:1d::a2 X-SA-Exim-Mail-From: lgo@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: bitbake-devel@lists.openembedded.org List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 07 Mar 2025 12:01:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/bitbake-devel/message/17405 This re-uses the same URL that is already used by the download test of the same fetcher. Signed-off-by: Leonard Göhrs --- lib/bb/tests/fetch.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/bb/tests/fetch.py b/lib/bb/tests/fetch.py index 517894881..cf5ce2ebd 100644 --- a/lib/bb/tests/fetch.py +++ b/lib/bb/tests/fetch.py @@ -1606,7 +1606,8 @@ class FetchCheckStatusTest(FetcherTest): "https://downloads.yoctoproject.org/releases/opkg/opkg-0.3.0.tar.gz", "ftp://sourceware.org/pub/libffi/libffi-1.20.tar.gz", # GitHub releases are hosted on Amazon S3, which doesn't support HEAD - "https://github.com/kergoth/tslib/releases/download/1.1/tslib-1.1.tar.xz" + "https://github.com/kergoth/tslib/releases/download/1.1/tslib-1.1.tar.xz", + "ghra://github.com/kergoth/tslib/1.1/tslib-1.1.tar.xz" ] @skipIfNoNetwork() From patchwork Fri Mar 7 12:00:55 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Leonard_G=C3=B6hrs?= X-Patchwork-Id: 58465 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id EF7A2C28B26 for ; Fri, 7 Mar 2025 12:01:08 +0000 (UTC) Received: from metis.whiteo.stw.pengutronix.de (metis.whiteo.stw.pengutronix.de [185.203.201.7]) by mx.groups.io with SMTP id smtpd.web11.9303.1741348863516214324 for ; Fri, 07 Mar 2025 04:01:04 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: pengutronix.de, ip: 185.203.201.7, mailfrom: lgo@pengutronix.de) Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1tqWNx-0006hN-R2; Fri, 07 Mar 2025 13:01:01 +0100 Received: from dude03.red.stw.pengutronix.de ([2a0a:edc0:0:1101:1d::39]) by drehscheibe.grey.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tqWNw-004Tky-2t; Fri, 07 Mar 2025 13:01:00 +0100 Received: from lgo by dude03.red.stw.pengutronix.de with local (Exim 4.96) (envelope-from ) id 1tqWNw-0088s3-2h; Fri, 07 Mar 2025 13:01:00 +0100 From: =?utf-8?q?Leonard_G=C3=B6hrs?= To: bitbake-devel@lists.openembedded.org Cc: docs@lists.yoctoproject.org, yocto@pengutronix.de, =?utf-8?q?Leonard_G?= =?utf-8?q?=C3=B6hrs?= Subject: [PATCH v3 5/5] doc: document the GitHub Release Artifact fetcher and BB_FETCH_GHRA_TOKEN Date: Fri, 7 Mar 2025 13:00:55 +0100 Message-Id: <20250307120055.1816436-6-l.goehrs@pengutronix.de> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250307120055.1816436-1-l.goehrs@pengutronix.de> References: <20250307120055.1816436-1-l.goehrs@pengutronix.de> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a0a:edc0:0:c01:1d::a2 X-SA-Exim-Mail-From: lgo@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: bitbake-devel@lists.openembedded.org List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 07 Mar 2025 12:01:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/bitbake-devel/message/17402 The fetcher is quite niche, as it is only required when working with private GitHub repositories (public releases have a stable public download URL and do not need any authentication). Hence it is only documented like a niche feature. Signed-off-by: Leonard Göhrs --- .../bitbake-user-manual-fetching.rst | 2 ++ .../bitbake-user-manual-ref-variables.rst | 12 ++++++++++++ 2 files changed, 14 insertions(+) diff --git a/doc/bitbake-user-manual/bitbake-user-manual-fetching.rst b/doc/bitbake-user-manual/bitbake-user-manual-fetching.rst index fb4f0a23d..2f5224482 100644 --- a/doc/bitbake-user-manual/bitbake-user-manual-fetching.rst +++ b/doc/bitbake-user-manual/bitbake-user-manual-fetching.rst @@ -842,6 +842,8 @@ Fetch submodules also exist for the following: - Trees using Git Annex (``gitannex://``) +- Private GitHub Release Artifacts (``ghra://``) + No documentation currently exists for these lesser used fetcher submodules. However, you might find the code helpful and readable. diff --git a/doc/bitbake-user-manual/bitbake-user-manual-ref-variables.rst b/doc/bitbake-user-manual/bitbake-user-manual-ref-variables.rst index dd8cf2409..51bb336b0 100644 --- a/doc/bitbake-user-manual/bitbake-user-manual-ref-variables.rst +++ b/doc/bitbake-user-manual/bitbake-user-manual-ref-variables.rst @@ -1098,6 +1098,18 @@ overview of their function and contents. layer containing the recipe file. Code can use this to identify which layer a recipe is from. + :term:`BB_FETCH_GHRA_TOKEN` + GitHub Access Token. When using the + :ref:`GitHub Release Artifact fetcher ` + This variable can be defined to be used by the fetcher to authenticate + and gain access to non-public release artifacts:: + + BB_FETCH_GHRA_TOKEN = "github_pat_..." + + Make sure to always use fine-grained personal access tokens that only + enable downloading of artifacts in the relevant repositories or the + short-lived access tokens provided to GitHub actions. + :term:`GITDIR` The directory in which a local copy of a Git repository is stored when it is cloned.