From 9b15d5fed0e6a7a11267e78a0df8ed02c56c47b5 Mon Sep 17 00:00:00 2001 From: Nathan Trudeau Date: Wed, 29 Apr 2026 09:39:59 -0400 Subject: [PATCH] Fix ports examples and refs --- README.md | 8 +++--- tests/test_git_credential_forge.py | 46 +++++++++++++++--------------- 2 files changed, 27 insertions(+), 27 deletions(-) diff --git a/README.md b/README.md index ea8573f..18ea738 100644 --- a/README.md +++ b/README.md @@ -67,9 +67,9 @@ SSH-forward the port (see *Headless and SSH hosts*) rather than trying to publish the callback over the network. `FORGE_GITEA_URL` is the canonical public HTTPS endpoint. Do not append -`:6006`; Pangolin terminates TLS on the public edge and the onboarding -repo, orchestrator clone URL, and global git credential scope all assume -the standard portless form. +any port suffix; Pangolin terminates TLS on the standard public HTTPS +port and the onboarding repo, orchestrator clone URL, and global git +credential scope all assume the portless form. `.env` is gitignored. OAuth client IDs are public by design; PKCE requires no client secret. @@ -213,7 +213,7 @@ with a browser to populate a valid refresh token before running | --- | --- | | `just doctor` reports a missing tool | Run the `fix:` command printed beside it. | | `~/.local/bin` not on `PATH` | Add `export PATH="$HOME/.local/bin:$PATH"` to the shell rc and reopen. | -| `just check-gitea` → connection refused | Verify `FORGE_GITEA_URL`, confirm it is `https://gitea.cvgitea.ddns.net` for production, and do not append `:6006`. | +| `just check-gitea` → connection refused | Verify `FORGE_GITEA_URL`, confirm it is `https://gitea.cvgitea.ddns.net` for production, and do not append any port suffix. | | `just login` → browser does not open | Run `just login-headless`. | | `just login` → timed out waiting for OAuth callback | Consent was not completed in the browser; re-run. | | `just login` → cannot bind `127.0.0.1:38111` | Another `just login` is running; wait or kill it. | diff --git a/tests/test_git_credential_forge.py b/tests/test_git_credential_forge.py index 9ebfda5..b77628c 100755 --- a/tests/test_git_credential_forge.py +++ b/tests/test_git_credential_forge.py @@ -41,10 +41,10 @@ def _write_store(tmp: Path, payload: dict) -> Path: class ReadGitFieldsTests(unittest.TestCase): def test_full_block(self) -> None: - buf = io.StringIO("protocol=https\nhost=g.example:6006\npath=a/b.git\n\n") + buf = io.StringIO("protocol=https\nhost=g.example:8443\npath=a/b.git\n\n") self.assertEqual( gcf.read_git_fields(buf), - {"protocol": "https", "host": "g.example:6006", "path": "a/b.git"}, + {"protocol": "https", "host": "g.example:8443", "path": "a/b.git"}, ) def test_eof_without_blank_line(self) -> None: @@ -66,24 +66,24 @@ class RequestMatchesTests(unittest.TestCase): def test_exact_match_including_port(self) -> None: self.assertTrue( gcf._request_matches( - {"protocol": "https", "host": "g.example:6006"}, - ("https", "g.example", 6006), + {"protocol": "https", "host": "g.example:8443"}, + ("https", "g.example", 8443), ) ) def test_wrong_scheme_no_match(self) -> None: self.assertFalse( gcf._request_matches( - {"protocol": "http", "host": "g.example:6006"}, - ("https", "g.example", 6006), + {"protocol": "http", "host": "g.example:8443"}, + ("https", "g.example", 8443), ) ) def test_wrong_host_no_match(self) -> None: self.assertFalse( gcf._request_matches( - {"protocol": "https", "host": "other.example:6006"}, - ("https", "g.example", 6006), + {"protocol": "https", "host": "other.example:8443"}, + ("https", "g.example", 8443), ) ) @@ -91,7 +91,7 @@ class RequestMatchesTests(unittest.TestCase): self.assertFalse( gcf._request_matches( {"protocol": "https", "host": "g.example:7000"}, - ("https", "g.example", 6006), + ("https", "g.example", 8443), ) ) @@ -116,7 +116,7 @@ class RequestMatchesTests(unittest.TestCase): def test_stored_default_https_request_with_other_port_no_match(self) -> None: self.assertFalse( gcf._request_matches( - {"protocol": "https", "host": "g.example:6006"}, + {"protocol": "https", "host": "g.example:8443"}, ("https", "g.example", None), ) ) @@ -138,7 +138,7 @@ class CmdGetTests(unittest.TestCase): tmp = Path(d) env = { "FSDGG_AUTH_STORE_PATH": str(tmp / "client-auth.json"), - "FORGE_GITEA_URL": "https://g.example:6006", + "FORGE_GITEA_URL": "https://g.example:8443", "FSDGG_CLI_CLIENT_ID": "client-1", "FSDGG_CLI_REDIRECT_URI": "http://127.0.0.1:38111/callback", "HOME": str(tmp), @@ -165,33 +165,33 @@ class CmdGetTests(unittest.TestCase): "username": "alice", "gitea_access_token": "LIVETOKEN", "gitea_token_expires_at": time.time() + 3600, - "_forge_gitea_base_url": "https://g.example:6006", + "_forge_gitea_base_url": "https://g.example:8443", } rc, out, _ = self._run( store_payload=payload, - stdin_text="protocol=https\nhost=g.example:6006\npath=org/repo.git\n\n", + stdin_text="protocol=https\nhost=g.example:8443\npath=org/repo.git\n\n", ) self.assertEqual(rc, 0) parsed = dict(l.split("=", 1) for l in out.strip().splitlines()) self.assertEqual(parsed["username"], "alice") self.assertEqual(parsed["password"], "LIVETOKEN") - self.assertEqual(parsed["host"], "g.example:6006") + self.assertEqual(parsed["host"], "g.example:8443") def test_no_store_passes_through(self) -> None: rc, out, _ = self._run( store_payload=None, - stdin_text="protocol=https\nhost=g.example:6006\n\n", + stdin_text="protocol=https\nhost=g.example:8443\n\n", ) self.assertEqual(rc, 0) self.assertNotIn("password=", out) - self.assertIn("host=g.example:6006", out) + self.assertIn("host=g.example:8443", out) def test_non_matching_host_passes_through(self) -> None: payload = { "username": "alice", "gitea_access_token": "LIVETOKEN", "gitea_token_expires_at": time.time() + 3600, - "_forge_gitea_base_url": "https://g.example:6006", + "_forge_gitea_base_url": "https://g.example:8443", } rc, out, _ = self._run( store_payload=payload, @@ -205,11 +205,11 @@ class CmdGetTests(unittest.TestCase): payload = { "username": "alice", "gitea_access_token": "", - "_forge_gitea_base_url": "https://g.example:6006", + "_forge_gitea_base_url": "https://g.example:8443", } rc, out, _ = self._run( store_payload=payload, - stdin_text="protocol=https\nhost=g.example:6006\n\n", + stdin_text="protocol=https\nhost=g.example:8443\n\n", ) self.assertEqual(rc, 0) self.assertNotIn("password=", out) @@ -221,7 +221,7 @@ class CmdGetTests(unittest.TestCase): "username": "alice", "gitea_access_token": "EXPIRED", "gitea_token_expires_at": time.time() - 10, - "_forge_gitea_base_url": "https://g.example:6006", + "_forge_gitea_base_url": "https://g.example:8443", "_forge_refresh_token": "REFRESH", "_forge_client_id": "client-1", } @@ -239,7 +239,7 @@ class CmdGetTests(unittest.TestCase): with mock.patch.object(gcf.forge_auth, "run_refresh", side_effect=fake_refresh): rc, out, _ = self._run( store_payload=payload, - stdin_text="protocol=https\nhost=g.example:6006\n\n", + stdin_text="protocol=https\nhost=g.example:8443\n\n", ) self.assertEqual(rc, 0) parsed = dict(l.split("=", 1) for l in out.strip().splitlines()) @@ -250,7 +250,7 @@ class CmdGetTests(unittest.TestCase): "username": "alice", "gitea_access_token": "EXPIRED", "gitea_token_expires_at": time.time() - 10, - "_forge_gitea_base_url": "https://g.example:6006", + "_forge_gitea_base_url": "https://g.example:8443", "_forge_refresh_token": "DEAD", } @@ -260,7 +260,7 @@ class CmdGetTests(unittest.TestCase): with mock.patch.object(gcf.forge_auth, "run_refresh", side_effect=fake_refresh): rc, out, err = self._run( store_payload=payload, - stdin_text="protocol=https\nhost=g.example:6006\n\n", + stdin_text="protocol=https\nhost=g.example:8443\n\n", ) self.assertEqual(rc, 0) self.assertNotIn("password=", out)