feat: Avoid use the secret value in the DevOps scm verify API.

Created by: mangoGoForward

Signed-off-by: mango xu.weiKyrie@foxmail.com

What type of PR is this?

/kind feature

What this PR does / why we need it:

Please see #2893 (closed)

Which issue(s) this PR fixes:

Fixes #2893 (closed)

Special notes for reviewers:

The request Payload screenshot like below:

Does this PR introduced a user-facing change?

None

Additional documentation, usage docs, etc.:

Created by: mangoGoForward

/area devops /cc @kubesphere/sig-console

Created by: mangoGoForward

/cc @kubesphere/sig-devops

Created by: LinuxSuRen

Review: Changes requested

hi @mangoGoForward thanks for your time. I'm sorry that I didn't update the description in time. But the new API was /v1alpha3/scms/github/verify

See the details from https://github.com/kubesphere/ks-devops/pull/439

The old API does not support it yet. See the following screenshot:

Created by: mangoGoForward

hi @mangoGoForward thanks for your time. I'm sorry that I didn't update the description in time. But the new API was /v1alpha3/scms/github/verify

See the details from kubesphere/ks-devops#439

The old API does not support it yet. See the following screenshot:

I noticed that the API of /v1alpha3/scms/github/verify has two query parameters,

https://github.com/kubesphere/ks-devops/blob/d54a80ebd16c0df7b4698869babb17e41fec681e/pkg/kapis/devops/v1alpha3/register.go#L214-L215.

please correct me, there are two things:

1. update API version.
2. add this two parameters instead of accessToken.

But I'm confused that the API why would throw the error of accessToken is required?

Created by: LinuxSuRen

You got the right way.

The old API does not accept the parameter name. This is the reason why it will throw the error.

Created by: mangoGoForward

Updated, please see 1ac41c45.

Created by: LinuxSuRen

Review: Changes requested

I got some problems when I test this PR manually.

Sorry about I didn't provide clear information about the API. See https://github.com/kubesphere/ks-devops/pull/439

The API takes secret and secretNamespace as the query parameters instead of payload.

The second problem is that I didn't get any tips when there is an error code. It will make users feel confused.

Sorry again for the inconvenience. I'll try to fix it based on your PR.

Created by: mangoGoForward

The API takes secret and secretNamespace as the query parameters instead of payload.

Sorry, I have not noticed that the API use query parameters instead of payload, but the API method is POST, may use query body better.

The second problem is that I didn't get any tips when there is an error code. It will make users feel confused.

I will check.

Created by: LinuxSuRen

hi @mangoGoForward thanks for helping us to figure out the difference between the secret type. See the corresponding PR https://github.com/kubesphere/ks-devops/pull/487/files

Created by: LinuxSuRen

I found out the front-end still call the following API which expose the password

Created by: mangoGoForward

I found out the front-end still call the following API which expose the password

Seems can hide in this API, we use scmType, secret name and namespaces to instead of data.password now.

Created by: LinuxSuRen

Seems can hide in this API, we use scmType, secret name and namespaces to instead of data.password now.

It would be better.

Created by: LinuxSuRen

Give the upstream project go-scm does not support listing repositories from a user or organization for now. I guess this PR needs to be held.

/hold

Created by: LinuxSuRen

Please feel free to use the following image if you want to help to test this PR:

surenpi/ks-console:latest@sha256:449d6ffacf2ab3a9984b106cb93c028e152ca6ab508e6a6f1039167e6264b5ef

Created by: LinuxSuRen

Review: Approved

I have tested it manually. It works well with the last commit. See the following screenshot:

/lgtm /approve

Created by: ks-ci-bot

LGTM label has been added.

Git tree hash: 6699886bc150ae5c318730ee205cc20d459dba74

Created by: LinuxSuRen

/unhold