stacklok / toolhive / 21704774481
61%

DEFAULT BRANCH: main
Ran
Jobs 1
Files 492
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 60.834% (+0.03%) from 60.806%
21704774481

push

github

web-flow 
add private Git repository authentication for `MCPRegistry` (#3577)

* Add private Git repository authentication for MCPRegistry

Add support for authenticating with private Git repositories in the
MCPRegistry CRD. This enables syncing registry data from private
GitHub, GitLab, and Bitbucket repositories using HTTP Basic Auth.

Changes:
- Add GitAuthConfig type to MCPRegistry CRD with username and
  passwordSecretRef fields
- Generate config for registry-server with git.auth.username and
  git.auth.passwordFile settings
- Mount password secrets at /secrets/{secretName}/ in registry-api pod
- Add comprehensive unit tests for config generation and pod template
- Add integration tests for Git authentication scenarios
- Update documentation with examples and best practices
- Create new example: mcpregistry-git-private.yaml

This integrates with the private Git authentication support added in
toolhive-registry-server PR #420.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* Require key field in git auth password secret reference

Make the key field required in passwordSecretRef for git authentication,
matching the validation behavior of the secret name field. This ensures
explicit configuration rather than relying on defaults.

Also removes redundant "git source without auth is valid" test as this
case is already covered by other tests.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* Remove redundant git auth volume test

Remove "git registry without auth has no git auth volume" test as this
case is already covered by existing tests that verify no volumes are
present when git auth is not configured.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* Remove default key fallback from git auth mount

Since the key field is now validated as required in buildGitAuthConfig(),
remove the dead code that defaulted to "password" when key was empty.

- Update WithGitAuthMount to return early if key is empty
- Change test to verify no v... (continued)

61 of 82 new or added lines in 4 files covered. (74.39%)

2 existing lines in 1 file now uncovered.

40843 of 67138 relevant lines covered (60.83%)

79.21 hits per line

New Missed Lines in Diff

Lines Coverage File
4
93.19
 -0.59% cmd/thv-operator/pkg/registryapi/config/config.go
17
35.92
 -0.29% cmd/thv-operator/api/v1alpha1/zz_generated.deepcopy.go

Uncovered Existing Lines

Lines Coverage File
2
71.43
 -1.68% pkg/vmcp/k8s/manager.go
Jobs
ID Job ID Ran Files Coverage
1 21704774481.1 492
60.83
 GitHub Action Run
Source Files on build 21704774481