Move git/common to git

Signed-off-by: Hidde Beydals <hello@hidde.co>

controllers/gitrepository_controller.go

@@ -44,7 +44,7 @@ import (
 
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"github.com/fluxcd/source-controller/pkg/git"
-	"github.com/fluxcd/source-controller/pkg/git/common"
+	"github.com/fluxcd/source-controller/pkg/git/strategy"
 )
 
 // +kubebuilder:rbac:groups=source.toolkit.fluxcd.io,resources=gitrepositories,verbs=get;list;watch;create;update;patch;delete
@@ -178,9 +178,9 @@ func (r *GitRepositoryReconciler) reconcile(ctx context.Context, repository sour
 	defer os.RemoveAll(tmpGit)
 
 	// determine auth method
-	auth := &common.Auth{}
+	auth := &git.Auth{}
 	if repository.Spec.SecretRef != nil {
-		authStrategy, err := git.AuthSecretStrategyForURL(repository.Spec.URL, repository.Spec.GitImplementation)
+		authStrategy, err := strategy.AuthSecretStrategyForURL(repository.Spec.URL, repository.Spec.GitImplementation)
 		if err != nil {
 			return sourcev1.GitRepositoryNotReady(repository, sourcev1.AuthenticationFailedReason, err.Error()), err
 		}
@@ -204,7 +204,7 @@ func (r *GitRepositoryReconciler) reconcile(ctx context.Context, repository sour
 		}
 	}
 
-	checkoutStrategy, err := git.CheckoutStrategyForRef(repository.Spec.Reference, repository.Spec.GitImplementation)
+	checkoutStrategy, err := strategy.CheckoutStrategyForRef(repository.Spec.Reference, repository.Spec.GitImplementation)
 	if err != nil {
 		return sourcev1.GitRepositoryNotReady(repository, sourcev1.GitOperationFailedReason, err.Error()), err
 	}

pkg/git/git.go

@@ -17,32 +17,37 @@ limitations under the License.
 package git
 
 import (
-	"fmt"
+	"context"
 
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
-	"github.com/fluxcd/source-controller/pkg/git/common"
-	"github.com/fluxcd/source-controller/pkg/git/gogit"
-	"github.com/fluxcd/source-controller/pkg/git/libgit2"
+	"github.com/go-git/go-git/v5/plumbing/transport"
+	git2go "github.com/libgit2/git2go/v31"
+	corev1 "k8s.io/api/core/v1"
 )
 
-func CheckoutStrategyForRef(ref *sourcev1.GitRepositoryRef, gitImplementation string) (common.CheckoutStrategy, error) {
-	switch gitImplementation {
-	case sourcev1.GoGitImplementation:
-		return gogit.CheckoutStrategyForRef(ref), nil
-	case sourcev1.LibGit2Implementation:
-		return libgit2.CheckoutStrategyForRef(ref), nil
-	default:
-		return nil, fmt.Errorf("invalid git implementation %s", gitImplementation)
-	}
+const (
+	DefaultOrigin            = "origin"
+	DefaultBranch            = "master"
+	DefaultPublicKeyAuthUser = "git"
+	CAFile                   = "caFile"
+)
+
+type Commit interface {
+	Verify(secret corev1.Secret) error
+	Hash() string
+}
+
+type CheckoutStrategy interface {
+	Checkout(ctx context.Context, path, url string, auth *Auth) (Commit, string, error)
+}
+
+// TODO(hidde): candidate for refactoring, so that we do not directly
+//  depend on implementation specifics here.
+type Auth struct {
+	AuthMethod   transport.AuthMethod
+	CredCallback git2go.CredentialsCallback
+	CertCallback git2go.CertificateCheckCallback
 }
 
-func AuthSecretStrategyForURL(url string, gitImplementation string) (common.AuthSecretStrategy, error) {
-	switch gitImplementation {
-	case sourcev1.GoGitImplementation:
-		return gogit.AuthSecretStrategyForURL(url)
-	case sourcev1.LibGit2Implementation:
-		return libgit2.AuthSecretStrategyForURL(url)
-	default:
-		return nil, fmt.Errorf("invalid git implementation %s", gitImplementation)
-	}
+type AuthSecretStrategy interface {
+	Method(secret corev1.Secret) (*Auth, error)
 }

pkg/git/gogit/checkout.go

@@ -23,52 +23,52 @@ import (
 	"time"
 
 	"github.com/Masterminds/semver/v3"
-	"github.com/go-git/go-git/v5"
+	extgogit "github.com/go-git/go-git/v5"
 	"github.com/go-git/go-git/v5/plumbing"
 
 	"github.com/fluxcd/pkg/version"
 
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
-	"github.com/fluxcd/source-controller/pkg/git/common"
+	"github.com/fluxcd/source-controller/pkg/git"
 )
 
-func CheckoutStrategyForRef(ref *sourcev1.GitRepositoryRef) common.CheckoutStrategy {
+func CheckoutStrategyForRef(ref *sourcev1.GitRepositoryRef) git.CheckoutStrategy {
 	switch {
 	case ref == nil:
-		return &CheckoutBranch{branch: common.DefaultBranch}
+		return &CheckoutBranch{branch: git.DefaultBranch}
 	case ref.SemVer != "":
 		return &CheckoutSemVer{semVer: ref.SemVer}
 	case ref.Tag != "":
 		return &CheckoutTag{tag: ref.Tag}
 	case ref.Commit != "":
 		strategy := &CheckoutCommit{branch: ref.Branch, commit: ref.Commit}
 		if strategy.branch == "" {
-			strategy.branch = common.DefaultBranch
+			strategy.branch = git.DefaultBranch
 		}
 		return strategy
 	case ref.Branch != "":
 		return &CheckoutBranch{branch: ref.Branch}
 	default:
-		return &CheckoutBranch{branch: common.DefaultBranch}
+		return &CheckoutBranch{branch: git.DefaultBranch}
 	}
 }
 
 type CheckoutBranch struct {
 	branch string
 }
 
-func (c *CheckoutBranch) Checkout(ctx context.Context, path, url string, auth *common.Auth) (common.Commit, string, error) {
-	repo, err := git.PlainCloneContext(ctx, path, false, &git.CloneOptions{
+func (c *CheckoutBranch) Checkout(ctx context.Context, path, url string, auth *git.Auth) (git.Commit, string, error) {
+	repo, err := extgogit.PlainCloneContext(ctx, path, false, &extgogit.CloneOptions{
 		URL:               url,
 		Auth:              auth.AuthMethod,
-		RemoteName:        common.DefaultOrigin,
+		RemoteName:        git.DefaultOrigin,
 		ReferenceName:     plumbing.NewBranchReferenceName(c.branch),
 		SingleBranch:      true,
 		NoCheckout:        false,
 		Depth:             1,
 		RecurseSubmodules: 0,
 		Progress:          nil,
-		Tags:              git.NoTags,
+		Tags:              extgogit.NoTags,
 	})
 	if err != nil {
 		return nil, "", fmt.Errorf("unable to clone '%s', error: %w", url, err)
@@ -88,18 +88,18 @@ type CheckoutTag struct {
 	tag string
 }
 
-func (c *CheckoutTag) Checkout(ctx context.Context, path, url string, auth *common.Auth) (common.Commit, string, error) {
-	repo, err := git.PlainCloneContext(ctx, path, false, &git.CloneOptions{
+func (c *CheckoutTag) Checkout(ctx context.Context, path, url string, auth *git.Auth) (git.Commit, string, error) {
+	repo, err := extgogit.PlainCloneContext(ctx, path, false, &extgogit.CloneOptions{
 		URL:               url,
 		Auth:              auth.AuthMethod,
-		RemoteName:        common.DefaultOrigin,
+		RemoteName:        git.DefaultOrigin,
 		ReferenceName:     plumbing.NewTagReferenceName(c.tag),
 		SingleBranch:      true,
 		NoCheckout:        false,
 		Depth:             1,
 		RecurseSubmodules: 0,
 		Progress:          nil,
-		Tags:              git.NoTags,
+		Tags:              extgogit.NoTags,
 	})
 	if err != nil {
 		return nil, "", fmt.Errorf("unable to clone '%s', error: %w", url, err)
@@ -120,17 +120,17 @@ type CheckoutCommit struct {
 	commit string
 }
 
-func (c *CheckoutCommit) Checkout(ctx context.Context, path, url string, auth *common.Auth) (common.Commit, string, error) {
-	repo, err := git.PlainCloneContext(ctx, path, false, &git.CloneOptions{
+func (c *CheckoutCommit) Checkout(ctx context.Context, path, url string, auth *git.Auth) (git.Commit, string, error) {
+	repo, err := extgogit.PlainCloneContext(ctx, path, false, &extgogit.CloneOptions{
 		URL:               url,
 		Auth:              auth.AuthMethod,
-		RemoteName:        common.DefaultOrigin,
+		RemoteName:        git.DefaultOrigin,
 		ReferenceName:     plumbing.NewBranchReferenceName(c.branch),
 		SingleBranch:      true,
 		NoCheckout:        false,
 		RecurseSubmodules: 0,
 		Progress:          nil,
-		Tags:              git.NoTags,
+		Tags:              extgogit.NoTags,
 	})
 	if err != nil {
 		return nil, "", fmt.Errorf("unable to clone '%s', error: %w", url, err)
@@ -143,7 +143,7 @@ func (c *CheckoutCommit) Checkout(ctx context.Context, path, url string, auth *c
 	if err != nil {
 		return nil, "", fmt.Errorf("git commit '%s' not found: %w", c.commit, err)
 	}
-	err = w.Checkout(&git.CheckoutOptions{
+	err = w.Checkout(&extgogit.CheckoutOptions{
 		Hash:  commit.Hash,
 		Force: true,
 	})
@@ -157,21 +157,21 @@ type CheckoutSemVer struct {
 	semVer string
 }
 
-func (c *CheckoutSemVer) Checkout(ctx context.Context, path, url string, auth *common.Auth) (common.Commit, string, error) {
+func (c *CheckoutSemVer) Checkout(ctx context.Context, path, url string, auth *git.Auth) (git.Commit, string, error) {
 	verConstraint, err := semver.NewConstraint(c.semVer)
 	if err != nil {
 		return nil, "", fmt.Errorf("semver parse range error: %w", err)
 	}
 
-	repo, err := git.PlainCloneContext(ctx, path, false, &git.CloneOptions{
+	repo, err := extgogit.PlainCloneContext(ctx, path, false, &extgogit.CloneOptions{
 		URL:               url,
 		Auth:              auth.AuthMethod,
-		RemoteName:        common.DefaultOrigin,
+		RemoteName:        git.DefaultOrigin,
 		NoCheckout:        false,
 		Depth:             1,
 		RecurseSubmodules: 0,
 		Progress:          nil,
-		Tags:              git.AllTags,
+		Tags:              extgogit.AllTags,
 	})
 	if err != nil {
 		return nil, "", fmt.Errorf("unable to clone '%s', error: %w", url, err)
@@ -238,7 +238,7 @@ func (c *CheckoutSemVer) Checkout(ctx context.Context, path, url string, auth *c
 		return nil, "", fmt.Errorf("git worktree error: %w", err)
 	}
 
-	err = w.Checkout(&git.CheckoutOptions{
+	err = w.Checkout(&extgogit.CheckoutOptions{
 		Branch: plumbing.NewTagReferenceName(t),
 	})
 	if err != nil {

pkg/git/gogit/checkout_test.go

@@ -22,11 +22,11 @@ import (
 	"os"
 	"testing"
 
-	"github.com/fluxcd/source-controller/pkg/git/common"
+	"github.com/fluxcd/source-controller/pkg/git"
 )
 
 func TestCheckoutTagSemVer_Checkout(t *testing.T) {
-	auth := &common.Auth{}
+	auth := &git.Auth{}
 	tag := CheckoutTag{
 		tag: "v1.7.0",
 	}

pkg/git/gogit/transport.go

@@ -26,10 +26,10 @@ import (
 
 	"github.com/fluxcd/pkg/ssh/knownhosts"
 
-	"github.com/fluxcd/source-controller/pkg/git/common"
+	"github.com/fluxcd/source-controller/pkg/git"
 )
 
-func AuthSecretStrategyForURL(URL string) (common.AuthSecretStrategy, error) {
+func AuthSecretStrategyForURL(URL string) (git.AuthSecretStrategy, error) {
 	u, err := url.Parse(URL)
 	if err != nil {
 		return nil, fmt.Errorf("failed to parse URL to determine auth strategy: %w", err)
@@ -47,8 +47,8 @@ func AuthSecretStrategyForURL(URL string) (common.AuthSecretStrategy, error) {
 
 type BasicAuth struct{}
 
-func (s *BasicAuth) Method(secret corev1.Secret) (*common.Auth, error) {
-	if _, ok := secret.Data[common.CAFile]; ok {
+func (s *BasicAuth) Method(secret corev1.Secret) (*git.Auth, error) {
+	if _, ok := secret.Data[git.CAFile]; ok {
 		return nil, fmt.Errorf("found caFile key in secret '%s' but go-git HTTP transport does not support custom certificates", secret.Name)
 	}
 
@@ -62,18 +62,17 @@ func (s *BasicAuth) Method(secret corev1.Secret) (*common.Auth, error) {
 	if auth.Username == "" || auth.Password == "" {
 		return nil, fmt.Errorf("invalid '%s' secret data: required fields 'username' and 'password'", secret.Name)
 	}
-	return &common.Auth{AuthMethod: auth}, nil
+	return &git.Auth{AuthMethod: auth}, nil
 }
 
 type PublicKeyAuth struct {
 	user string
 }
 
-func (s *PublicKeyAuth) Method(secret corev1.Secret) (*common.Auth, error) {
-	if _, ok := secret.Data[common.CAFile]; ok {
+func (s *PublicKeyAuth) Method(secret corev1.Secret) (*git.Auth, error) {
+	if _, ok := secret.Data[git.CAFile]; ok {
 		return nil, fmt.Errorf("found caFile key in secret '%s' but go-git SSH transport does not support custom certificates", secret.Name)
 	}
-
 	identity := secret.Data["identity"]
 	knownHosts := secret.Data["known_hosts"]
 	if len(identity) == 0 || len(knownHosts) == 0 {
@@ -82,7 +81,7 @@ func (s *PublicKeyAuth) Method(secret corev1.Secret) (*common.Auth, error) {
 
 	user := s.user
 	if user == "" {
-		user = common.DefaultPublicKeyAuthUser
+		user = git.DefaultPublicKeyAuthUser
 	}
 
 	pk, err := ssh.NewPublicKeys(user, identity, "")
@@ -95,5 +94,5 @@ func (s *PublicKeyAuth) Method(secret corev1.Secret) (*common.Auth, error) {
 		return nil, err
 	}
 	pk.HostKeyCallback = callback
-	return &common.Auth{AuthMethod: pk}, nil
+	return &git.Auth{AuthMethod: pk}, nil
 }