Skip to content

Instantly share code, notes, and snippets.

@MatteoOreficeIT

MatteoOreficeIT/How to store GIT credentials on Azure Kudu environement.md

Last active January 25, 2018 16:47
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save MatteoOreficeIT/fa9b8e67bc9e93cc43fdd2d472a4b9cd to your computer and use it in GitHub Desktop.
Save MatteoOreficeIT/fa9b8e67bc9e93cc43fdd2d472a4b9cd to your computer and use it in GitHub Desktop.
Download ZIP
How to store GIT credentials on Azure (Kudu) environment for external private git repositories authentication
Raw
How to store GIT credentials on Azure Kudu environement.md

Global GIT Config File

Original problem

  • We need to authenticate to multiple private external repositories using credentials stored in a file
  • We don't want use private/public RSA keys with ssh

Investigating how to load user defined .gitconfig

I tried to understand what was the default .gitconfig location in Azure:

git config --system -l
git config --global -l
git config --local -l ( only for local repository )
git config --show-origin -l

I discovered that $HOME/.gitconfig is not writale and we cannot create it in Kudu CMD console :

- 409 Conflict: Could not write to local resource 'D:\home\.gitconfig' due to error 
- 'Access to the path 'D:\home\.gitconfig' is denied.'.

My conclusion was :

  • system and global locations are unwritable
  • we cannot use user .gitconfig file in default $HOME location
  • the only chance is change GIT_CONFIG env var to point to a user defined file in a writable location
  • we can copy git config options from --system config and paste in our custom file d:/home/git/config

You can test correct gitconfig placement with the following commands that start git with your new config file:

git config --file d:/home/git/config -l
GIT_CONFIG=d:/home/git/config git config -l

System wide gitconfig

Use this template or copy from git system config :

[http]
sslcainfo=D:/Program Files (x86)/Git/mingw32/ssl/certs/ca-bundle.crt
#sslbackend=openssl

[diff "astextplain"]
textconv=astextplain

[filter "lfs"]
clean=git-lfs clean -- %f
smudge=git-lfs smudge -- %f
required=true
process=git-lfs filter-process


[pack]
packsizelimit=2g

[credential]
helper="store --file=d:/home/git/credentials"

Azure Environment Variables

You need to set this env var in porta.azure.com app properties:

set GIT_CONFIG=d:/home/git/config
set XDG_CONFIG_HOME=d:/home

Create file %GIT_CONFIG%

Add your user details into your git config

[user]
name = Matteo Orefice
email = user@youremail.com

Create file %XDG_CONFIG_HOME%/git/credentials

After generating PAT Personal Access Token you can authenticate to your external visualstudio.com repo, put this in the credentials file

https://matteo.orefice:YOURPASSWORD@bitiagit.visualstudio.com

Clone a repository

Change Kudu deployment target

set DEPLOYMENT_TARGET=d:/home/site/app

Change WWW public

set WEBROOT_PATH=d:/home/site/app/wwwroot

vendor in public dir unaccessible

If you installed composer as azure extension make sure to put in your web.config file this directives:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
    <system.webServer>
        ...
        <rewrite>
            <rules>
                <clear/>
                ...
                your other rules
            </rules>
        </rewrite>    
    </system.webServer>
</configuration>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment