diff --git a/internal/cmd/preprocessor/cmd/rootfile.go b/internal/cmd/preprocessor/cmd/rootfile.go index a2a9d179e..9857d27d9 100644 --- a/internal/cmd/preprocessor/cmd/rootfile.go +++ b/internal/cmd/preprocessor/cmd/rootfile.go @@ -705,31 +705,6 @@ func (m *multiStepScript) run() { // otherwise stderr is not line buffered "-t", - // TODO: as a temporary measure, pass CUE_TEST_LOGINS through from the - // host (documentation author) environment to the running multi-step - // script. CUE_TEST_LOGINS should be set to a string that can be written - // to $CUE_CONFIG_DIR/logins.json. This allows us to perform a headless - // 'cue login' step in a guide, whilst asking the user (via #norun - // script) to perform an actual 'cue login'. - // - // The proper/complete solution here is to have the host provide a blob - // of JSON that maps from a set of well-known users to credentials. These - // well-known users are isolated and limited bot accounts that we define - // to perform well-known roles. e.g. user1 has access to these repos, - // write access to these others, but no access to these private repos. - // We will document the role each such user plays. The central registry - // will then give those with sufficient permissions the ability to create - // short-lived tokens for these users. The short-lived tokens can then be - // passed to the preprocessor. Each guide can then declare the list of - // well-known test users it requires. The preprocessor can then lookup - // the credentials in the host-provided blob, and make the credentials - // available via well-known environment variables e.g. - // USER1_CUE_TEST_LOGINS or similar. This approach will also allow us to - // know precisely what data that is passed in is credentials. We can also - // therefore perform a final "blanking" phase for safety's sake where we - // string replace credentials with '*****' or similar. - "-e", "CUE_TEST_LOGINS", - // mount the bash script "--mount", fmt.Sprintf("type=bind,source=%s,target=/scripts,readonly", scriptsDir), ) diff --git a/internal/cmd/preprocessor/cmd/testdata/execute_multistagescript.txtar b/internal/cmd/preprocessor/cmd/testdata/execute_multistagescript.txtar index 08d5da1be..f048e2b56 100644 --- a/internal/cmd/preprocessor/cmd/testdata/execute_multistagescript.txtar +++ b/internal/cmd/preprocessor/cmd/testdata/execute_multistagescript.txtar @@ -2,8 +2,6 @@ # This includes formatting an upload node, running a script node, and # skipping formatting a file in another upload node. -env CUE_TEST_LOGINS=blah - unquote content/dir/en.md golden/content/dir/en.md.writeBack # Run the preprocessor @@ -146,10 +144,6 @@ Hello! >{{{with script "en" "subst env var"}}} >echo $CUELANG_CUE_DEFAULT >{{{end}}} -> ->{{{with script "en" "passed in env var"}}} ->echo $CUE_TEST_LOGINS ->{{{end}}} -- golden/content/dir/en.md.writeBack -- >--- >title: JSON Superset @@ -215,10 +209,6 @@ Hello! >{{{with script "en" "subst env var"}}} >echo $CUELANG_CUE_DEFAULT >{{{end}}} -> ->{{{with script "en" "passed in env var"}}} ->echo $CUE_TEST_LOGINS ->{{{end}}} -- golden/hugo/content/en/dir/index.md -- --- title: JSON Superset @@ -285,11 +275,6 @@ $ nonexistent command $ echo v0.9.0-alpha.3 v0.9.0-alpha.3 ``` - -```text { title="TERMINAL" type="terminal" codeToCopy="ZWNobyAkQ1VFX1RFU1RfTE9HSU5T" } -$ echo $CUE_TEST_LOGINS -blah -``` -- golden/content/dir/gen_cache.cue -- package site { @@ -303,8 +288,8 @@ package site "in-subdir": "0qJmh3aq7QZU2/HOLE30MQebvDJcPzZbV6DUBf0kyNM=" } multi_step: { - hash: "J4VHBNFQTQD3N68LBEHKLFF8JBD9SEROLP4Q44MPPKE5AGTIUVRG====" - scriptHash: "RTE18RDQ3BFG4B5U2VR92496OPO5NOT61C424QBCDDT1RAAGPOUG====" + hash: "VIP77P8O62HK9CELKATL279BJ4GLEA4IBHAA10DCIR66FIDSENO0====" + scriptHash: "4R7CKCD6U3F6M7HMDOORM6L5LARG5T2HN3S7TGFFUFAJ61CAS8LG====" steps: [{ doc: "" cmd: "cat nested/file.txt" @@ -385,14 +370,6 @@ package site output: """ v0.9.0-alpha.3 - """ - }, { - doc: "" - cmd: "echo $CUE_TEST_LOGINS" - exitCode: 0 - output: """ - blah - """ }] }