From 187e26d747bc88caf915e9943d6b041f017afe02 Mon Sep 17 00:00:00 2001 From: Ahmed El-Sharnoby Date: Wed, 9 Jul 2025 17:19:58 +0200 Subject: [PATCH 1/4] Add Configuration variable to allow using custom Authorization header --- README.md | 5 +++++ core/core.go | 9 +++++++++ httputil/httputil.go | 16 ++++++++++++---- 3 files changed, 26 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index f73bbcda..7ab630bb 100644 --- a/README.md +++ b/README.md @@ -221,6 +221,11 @@ This behavior can be disabled by setting the environment variable `BAZELISK_SKIP You can control the user agent that Bazelisk sends in all HTTP requests by setting `BAZELISK_USER_AGENT` to the desired value. +You can set the Authorization header that Bazelisk sends in all HTTP requests by setting `BAZELISK_AUTH_HEADER` to the desired value. +```shell +export BAZELISK_AUTH_HEADER="bearer " +``` + On Windows, Bazelisk will also consider the following files in addition to `tools/bazel`: * `tools/bazel.ps1` (PowerShell) diff --git a/core/core.go b/core/core.go index ee8d1154..f7daa056 100644 --- a/core/core.go +++ b/core/core.go @@ -99,6 +99,7 @@ func RunBazeliskWithArgsFuncAndConfig(argsFunc ArgsFunc, repos *Repositories, co // repositories and config, writing its stdout to the passed writer. func RunBazeliskWithArgsFuncAndConfigAndOut(argsFunc ArgsFunc, repos *Repositories, config config.Config, out io.Writer) (int, error) { httputil.UserAgent = getUserAgent(config) + httputil.AuthHeader = getAuthHeader(config) bazelInstallation, err := GetBazelInstallation(repos, config) if err != nil { @@ -300,6 +301,14 @@ func getUserAgent(config config.Config) string { return fmt.Sprintf("Bazelisk/%s", BazeliskVersion) } +func getAuthHeader(config config.Config) string { + auth_header := config.Get("BAZELISK_AUTH_HEADER") + if len(auth_header) > 0 { + return auth_header + } + return "" +} + // GetBazelVersion returns the Bazel version that should be used. func GetBazelVersion(config config.Config) (string, error) { // Check in this order: diff --git a/httputil/httputil.go b/httputil/httputil.go index c020e064..a6457573 100644 --- a/httputil/httputil.go +++ b/httputil/httputil.go @@ -27,6 +27,8 @@ var ( DefaultTransport = http.DefaultTransport // UserAgent is passed to every HTTP request as part of the 'User-Agent' header. UserAgent = "Bazelisk" + // AuthHeader is optionally set to a value that is passed as part of the 'Authorization' header in HTTP requests. + AuthHeader = "" linkPattern = regexp.MustCompile(`<(.*?)>; rel="(\w+)"`) // RetryClock is used for waiting between HTTP request retries. @@ -213,10 +215,16 @@ func DownloadBinary(originURL, destDir, destFile string, config config.Config) ( log.Printf("Downloading %s...", originURL) var auth string = "" - t, err := tryFindNetrcFileCreds(u.Host) - if err == nil { - // successfully parsed netrc for given host - auth = t + if AuthHeader != "" { + // If AuthHeader is set, use it as the Authorization header. + log.Printf("Authorization header is set using BAZELISK_AUTH_HEADER, using it for %s", u.Host) + auth = AuthHeader + } else { + t, err := tryFindNetrcFileCreds(u.Host) + if err == nil { + // successfully parsed netrc for given host + auth = t + } } resp, err := get(originURL, auth) From 6d5db3a99562179bf8d6d30fea57bf5860ef0a15 Mon Sep 17 00:00:00 2001 From: Ahmed El-Sharnoby Date: Thu, 17 Jul 2025 14:18:42 +0200 Subject: [PATCH 2/4] Consistent Formatting Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- httputil/httputil.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/httputil/httputil.go b/httputil/httputil.go index a6457573..7f0b617f 100644 --- a/httputil/httputil.go +++ b/httputil/httputil.go @@ -28,7 +28,7 @@ var ( // UserAgent is passed to every HTTP request as part of the 'User-Agent' header. UserAgent = "Bazelisk" // AuthHeader is optionally set to a value that is passed as part of the 'Authorization' header in HTTP requests. - AuthHeader = "" + AuthHeader = "" linkPattern = regexp.MustCompile(`<(.*?)>; rel="(\w+)"`) // RetryClock is used for waiting between HTTP request retries. From 086d75ab7aec540628ec6a01ad1b857e7bd0ed34 Mon Sep 17 00:00:00 2001 From: Ahmed El-Sharnoby Date: Thu, 17 Jul 2025 14:19:06 +0200 Subject: [PATCH 3/4] Update README.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7ab630bb..5f579e7b 100644 --- a/README.md +++ b/README.md @@ -223,7 +223,7 @@ You can control the user agent that Bazelisk sends in all HTTP requests by setti You can set the Authorization header that Bazelisk sends in all HTTP requests by setting `BAZELISK_AUTH_HEADER` to the desired value. ```shell -export BAZELISK_AUTH_HEADER="bearer " +export BAZELISK_AUTH_HEADER="Bearer " ``` On Windows, Bazelisk will also consider the following files in addition to `tools/bazel`: From 2765f1772d7cd274c00153cd492b812e68a6514a Mon Sep 17 00:00:00 2001 From: Ahmed El-Sharnoby Date: Thu, 17 Jul 2025 16:22:58 +0200 Subject: [PATCH 4/4] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 5f579e7b..6d7bf8fb 100644 --- a/README.md +++ b/README.md @@ -259,6 +259,7 @@ The following variables can be set: - `BAZELISK_SHUTDOWN` - `BAZELISK_SKIP_WRAPPER` - `BAZELISK_USER_AGENT` +- `BAZELISK_AUTH_HEADER` - `BAZELISK_VERIFY_SHA256` - `USE_BAZEL_VERSION`