From eac9acc0413a3d4e01783541e5b15135e4e666d3 Mon Sep 17 00:00:00 2001 From: phaer Date: Thu, 26 Oct 2023 13:01:08 +0200 Subject: [PATCH] only activate github auth if no other is active --- buildbot_nix/__init__.py | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/buildbot_nix/__init__.py b/buildbot_nix/__init__.py index 697ae4c..c1f6a27 100644 --- a/buildbot_nix/__init__.py +++ b/buildbot_nix/__init__.py @@ -761,20 +761,6 @@ class NixConfigurator(ConfiguratorBase): config["secretsProviders"] = config.get("secretsProviders", []) config["secretsProviders"].append(systemd_secrets) config["www"] = config.get("www", {}) - config["www"]["avatar_methods"] = config["www"].get("avatar_methods", []) - config["www"]["avatar_methods"].append(util.AvatarGitHub()) - config["www"]["auth"] = util.GitHubAuth( - self.github.oauth_id, read_secret_file(self.github.oauth_secret_name) - ) - config["www"]["authz"] = util.Authz( - roleMatchers=[ - util.RolesFromUsername(roles=["admin"], usernames=self.github.admins) - ], - allowRules=[ - util.AnyEndpointMatcher(role="admin", defaultDeny=False), - util.AnyControlEndpointMatcher(role="admins"), - ], - ) config["www"]["change_hook_dialects"] = config["www"].get( "change_hook_dialects", {} ) @@ -784,3 +770,19 @@ class NixConfigurator(ConfiguratorBase): "token": self.github.token(), "github_property_whitelist": "*", } + + if not config["www"].get("auth"): + config["www"]["avatar_methods"] = config["www"].get("avatar_methods", []) + config["www"]["avatar_methods"].append(util.AvatarGitHub()) + config["www"]["auth"] = util.GitHubAuth( + self.github.oauth_id, read_secret_file(self.github.oauth_secret_name) + ) + config["www"]["authz"] = util.Authz( + roleMatchers=[ + util.RolesFromUsername(roles=["admin"], usernames=self.github.admins) + ], + allowRules=[ + util.AnyEndpointMatcher(role="admin", defaultDeny=False), + util.AnyControlEndpointMatcher(role="admins"), + ], + )