Harden Gitea login fallback selection

2026-06-11 21:15:56 -05:00
parent c4c8a255ee
commit 90e565976d
5 changed files with 35 additions and 2 deletions
--- a/docs/scratchpads/536-wrapper-login-pin.md
+++ b/docs/scratchpads/536-wrapper-login-pin.md
@@ -31,6 +31,7 @@ Fix the framework git wrappers so Gitea issue/PR operations resolve the tea logi
 - Added authenticated API fallbacks for close/reopen paths so wrappers can still operate when a matching `tea` login is absent but token credentials are available.
 - Added regression coverage for stale `GITEA_LOGIN`, exact host matching, `--repo` override flows, USC issue close routing, mosaicstack API fallback, and PR metadata/merge fallbacks.
 - Delta after PR #538 review: extended host-aware login/repo resolution to PowerShell wrappers, Bash milestone wrappers, and API-only `--repo` fallback paths.
+- Delta after live USC `pr-create.sh` repro: tightened `GITEA_LOGIN` trust so stale login names are ignored unless the tea login itself matches the target host, and added USC API fallback coverage for `pr-create.sh`.

 ## Verification

--- a/packages/mosaic/framework/tools/git/detect-platform.ps1
+++ b/packages/mosaic/framework/tools/git/detect-platform.ps1
@@ -180,7 +180,7 @@ function Get-GiteaLoginForHost {
    }

    if ($env:GITEA_LOGIN) {
-        if ((Test-GiteaUrlMatchesHost -Url $env:GITEA_URL -GiteaHost $GiteaHost) -or (Test-TeaLoginMatchesHost -LoginName $env:GITEA_LOGIN -GiteaHost $GiteaHost)) {
+        if (Test-TeaLoginMatchesHost -LoginName $env:GITEA_LOGIN -GiteaHost $GiteaHost) {
            return $env:GITEA_LOGIN
        }
    }
--- a/packages/mosaic/framework/tools/git/detect-platform.sh
+++ b/packages/mosaic/framework/tools/git/detect-platform.sh
@@ -178,7 +178,7 @@ get_gitea_login_for_host() {
    fi

    if [[ -n "${GITEA_LOGIN:-}" ]]; then
-        if gitea_url_matches_host "${GITEA_URL:-}" "$host" || tea_login_matches_host "$GITEA_LOGIN" "$host"; then
+        if tea_login_matches_host "$GITEA_LOGIN" "$host"; then
            echo "$GITEA_LOGIN"
            return 0
        fi
--- a/packages/mosaic/framework/tools/git/test-gitea-login-resolution.sh
+++ b/packages/mosaic/framework/tools/git/test-gitea-login-resolution.sh
@@ -46,6 +46,10 @@ JSON
 fi

 printf 'tea %s\n' "$*" >> "$MOSAIC_TEST_LOG"
+if [[ "${MOSAIC_TEA_FAIL_PR_CREATE:-}" == "1" && "$*" == pr\ create* ]]; then
+    echo 'GetUserByName: simulated stale login failure' >&2
+    exit 1
+fi
 exit 0
 SH

@@ -94,6 +98,17 @@ if [[ "$usc_login" != "usc" ]]; then
    exit 1
 fi

+usc_login_with_usc_url=$(run_in_repo bash -c '
+    export GITEA_LOGIN=mosaicstack
+    export GITEA_URL=https://git.uscllc.com
+    source "'"$SCRIPT_DIR"'/detect-platform.sh"
+    get_gitea_login
+')
+if [[ "$usc_login_with_usc_url" != "usc" ]]; then
+    echo "Expected USC host to reject stale GITEA_LOGIN even when GITEA_URL matches USC; got '$usc_login_with_usc_url'" >&2
+    exit 1
+fi
+
 usc_login_without_url=$(run_in_repo bash -c '
    export GITEA_LOGIN=mosaicstack
    unset GITEA_URL
@@ -197,6 +212,15 @@ run_in_repo "$SCRIPT_DIR/pr-ci-wait.sh" --repo USC/uconnect --host git.uscllc.co
 grep -q -- 'curl .*https://git.uscllc.com/api/v1/repos/USC/uconnect/pulls/9' "$LOG_FILE"
 grep -q -- 'curl .*https://git.uscllc.com/api/v1/repos/USC/uconnect/commits/abc123/status' "$LOG_FILE"

+: > "$LOG_FILE"
+run_in_repo env MOSAIC_TEA_FAIL_PR_CREATE=1 GITEA_TOKEN=usc-token GITEA_URL=https://git.uscllc.com "$SCRIPT_DIR/pr-create.sh" -t "USC API fallback" -H feature/pr-create
+grep -q -- 'tea pr create --repo USC/uconnect --login usc --title USC API fallback --head feature/pr-create' "$LOG_FILE"
+grep -q -- 'curl .*Authorization: token usc-token .*https://git.uscllc.com/api/v1/repos/USC/uconnect/pulls' "$LOG_FILE"
+if grep -q -- 'git.mosaicstack.dev/api/v1/repos/USC/uconnect/pulls' "$LOG_FILE"; then
+    echo "pr-create.sh API fallback defaulted USC repo to git.mosaicstack.dev" >&2
+    exit 1
+fi
+
 git -C "$REPO_DIR" remote set-url origin https://git.mosaicstack.dev/mosaicstack/stack.git
 : > "$LOG_FILE"
 run_in_repo env GITEA_TOKEN=mosaic-token GITEA_URL=https://git.mosaicstack.dev "$SCRIPT_DIR/issue-close.sh" -i 536
--- a/packages/mosaic/framework/tools/git/test-pr-merge-gitea-empty-uid.sh
+++ b/packages/mosaic/framework/tools/git/test-pr-merge-gitea-empty-uid.sh
@@ -23,6 +23,10 @@ cat > "$MOCK_BIN/tea" <<'EOF'
 set -euo pipefail
 printf 'tea %q ' "$@" >> "$PR_MERGE_TEST_LOG"
 printf '\n' >> "$PR_MERGE_TEST_LOG"
+if [[ "$*" == *"login list"* ]]; then
+    echo '[{"name":"git.mosaicstack.dev","url":"https://git.mosaicstack.dev"}]'
+    exit 0
+fi
 if [[ "$*" == *"pr merge"* ]]; then
    echo 'user does not exist [uid: 0, name: ]' >&2
    exit 1
@@ -128,6 +132,10 @@ cat > "$MOCK_BIN/tea" <<'EOF'
 set -euo pipefail
 printf 'tea %q ' "$@" >> "$PR_MERGE_TEST_LOG"
 printf '\n' >> "$PR_MERGE_TEST_LOG"
+if [[ "$*" == *"login list"* ]]; then
+    echo '[{"name":"git.mosaicstack.dev","url":"https://git.mosaicstack.dev"}]'
+    exit 0
+fi
 if [[ "$*" == *"pr merge"* ]]; then
    echo 'tea network timeout' >&2
    exit 2