Add JSON output to gh auth status
#11544
Conversation
gh auth status
|
This look great to me! |
babakks
left a comment
There was a problem hiding this comment.
Thanks for the PR, @benjlevesque! 🙏
I haven't yet fully reviewed it, just had a comment on the -t conflict case to trigger a discussion.
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
babakks
left a comment
There was a problem hiding this comment.
Thanks for the update! 🙏 I'm asking for changes because there's a bug and also the showToken usage is still confusing.
pkg/cmd/auth/status/status.go
Outdated
| if e.Login != "" { | ||
| sb.WriteString(fmt.Sprintf(" %s Timeout trying to log in to %s account %s (%s)\n", cs.Red("X"), e.Host, cs.Bold(e.Login), e.TokenSource)) | ||
| } else { | ||
| sb.WriteString(fmt.Sprintf(" %s Timeout trying to log in to %s using token (%s)\n", cs.Red("X"), e.Host, e.TokenSource)) | ||
| } | ||
| activeStr := fmt.Sprintf("%v", e.Active) | ||
| sb.WriteString(fmt.Sprintf(" - Active account: %s\n", cs.Bold(activeStr))) | ||
|
|
||
| case authStateError: | ||
| if e.Login != "" { | ||
| sb.WriteString(fmt.Sprintf(" %s Failed to log in to %s account %s (%s)\n", cs.Red("X"), e.Host, cs.Bold(e.Login), e.TokenSource)) | ||
| } else { | ||
| sb.WriteString(fmt.Sprintf(" %s Failed to log in to %s using token (%s)\n", cs.Red("X"), e.Host, e.TokenSource)) | ||
| } |
There was a problem hiding this comment.
I tried gh auth status with and without --json, and noticed the output is not the same (i.e. error field was empty for invalid entries). The reason is authEntry.Error is never assigned in buildEntry, and rather we print the error here in display stage.
So, let's move these error messages to buildEntry and populate authEntry.Error with them, and then here we can just print the authEntry.Error value.
There was a problem hiding this comment.
good catch! I updated the test to cover the JSON output of the error field, plus added a missing test on the token auth.
Also, I refactored the String function, which was hard to read, without the switch/case.
I chose to keep a minimal error in the JSON, and append the formatted details (login, host and token source) only for the regular output, as all of these information are already available in the JSON. Also in order to keep formatting details out of the buildEntry function... Wdyt?
|
@benjlevesque, as an update we decided to slightly change the JSON output structure to make room for future extensibility. The PR looks very good and I really appreciate your work! 🍻 I'm going to apply the changes on this PR and then ask @BagToad for a review. |
got it, no problem. Just out of curiosity, what are the changes you decided? |
|
It's about avoiding the top-level object being a dynamic-key map. The problem with a dynamic-key map (or an array) at the top-level is that you cannot extend them in the future (e.g. by adding a new key/value pair) without the risk of breaking automation scripts. So, a safe/forward-compatible approach is something like this: {
"hosts": {
"github.com": [/*...*/],
"another.host": [/*...*/],
}
}This allows us to add more top-level fields next to Another merit is that users are now free of specifying individual entry fields (i.e. |
|
I see, this seems like a good idea 👍 |
Signed-off-by: Babak K. Shandiz <babakks@github.com>
Signed-off-by: Babak K. Shandiz <babakks@github.com>
|
This PR works great for a project of mine, where I just want a programmatic way to tell if ❯ gh auth status --json hosts
{
"hosts": {
"github.com": [
{
"state": "success",
"active": true,
"host": "github.com",
"login": "srid",
"tokenSource": "keyring",
"scopes": "gist, read:org, repo",
"gitProtocol": "ssh"
}
]
}
}I suppose checking for "active" to be |
Signed-off-by: Babak K. Shandiz <babakks@github.com>
@srid, I'm not sure what exactly you mean by signed in (e.g. as in having a valid/working token, or just have signed in at some point), but please note that:
|
|
Ah, I just noticed that
If so, how can the JSON be restructured to reliably get that active token? In the current schema, it is possible for arbitrary number of tokens to be active, since it is just a list. |
Basically, I want to make sure that the user has |
Yes, only one entry per hostname can be active. You can run the command with UPDATE: if you already know the hostname, technically you can try |
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [cli/cli](https://github.com/cli/cli) | minor | `v2.80.0` -> `v2.81.0` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>cli/cli (cli/cli)</summary> ### [`v2.81.0`](https://github.com/cli/cli/releases/tag/v2.81.0): GitHub CLI 2.81.0 [Compare Source](cli/cli@v2.80.0...v2.81.0) #### Support for GitHub Release Attestations This release introduces the `release verify` and `release verify-asset` commands for verifying GitHub Release attestations. Part of the Immutable Releases initiative, a release attestation provides a signed, timestamped binding between a release, its git tag, and any associated assets. These new commands provide a convenient way to verify the integrity of an immutable release against its attestation. - Verify the latest release has a valid attestation: `gh release verify` - Verify a specific release by tag: `gh release verify v1.2.3` - Verify an asset from the latest release: `gh release verify-asset my-asset.zip` - Verify a local asset file originated from a specific release: `gh release verify-asset v1.2.3 my-asset.zip` These commands help ensure that releases and their assets are authentic and haven’t been tampered with, providing an additional layer of security for your software supply chain. #### `gh auth status` Supports JSON Output This release adds support for the `--json` flag in `gh auth status`. Run `gh auth status --help` for more information and usage examples. #### What's Changed ##### ✨ Features - Add alias `co` for `pr checkout` by [@​babakks](https://github.com/babakks) in [#​11804](cli/cli#11804) - Add JSON output to `gh auth status` by [@​benjlevesque](https://github.com/benjlevesque) in [#​11544](cli/cli#11544) - `release verify` and `release verify-asset` are now visible by [@​ejahnGithub](https://github.com/ejahnGithub) in [#​11801](cli/cli#11801) ##### 🐛 Fixes - Fix no tagname logic for release verify-asset by [@​ejahnGithub](https://github.com/ejahnGithub) in [#​11798](cli/cli#11798) ##### 📚 Docs & Chores - refactor: use strings.FieldsFuncSeq to reduce memory allocations by [@​juejinyuxitu](https://github.com/juejinyuxitu) in [#​11805](cli/cli#11805) #### New Contributors - [@​juejinyuxitu](https://github.com/juejinyuxitu) made their first contribution in [#​11805](cli/cli#11805) **Full Changelog**: <cli/cli@v2.80.0...v2.81.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xMzIuNSIsInVwZGF0ZWRJblZlciI6IjQxLjEzMi41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiXX0=-->
This PR adds a
--jsonflag to thegh auth statuscommand.--jqand--templateare also availableResolves #8637
Acceptance criteria: #8637 (comment)