From 4258c0cf20ddb17b8495b7c85fb5c46d067a6e7e Mon Sep 17 00:00:00 2001
From: Jamie Slome <jamieizakslome@gmail.com>
Date: Thu, 9 May 2024 16:40:16 +0100
Subject: [PATCH] fix: remove auth headers from bare clone of upstream
 repository @msagi

---
 .../processors/push-action/pullRemote.js      | 23 +++----------------
 1 file changed, 3 insertions(+), 20 deletions(-)

diff --git a/src/proxy/processors/push-action/pullRemote.js b/src/proxy/processors/push-action/pullRemote.js
index a851044e..7d31edf7 100644
--- a/src/proxy/processors/push-action/pullRemote.js
+++ b/src/proxy/processors/push-action/pullRemote.js
@@ -21,26 +21,9 @@ const exec = async (req, action) => {
 
     const cmd = `git clone ${action.url} --bare`;
 
-    // Retrieve authorization headers
-    const authorizationHeader = req.headers?.authorization;
-
-    // Validate the authorization headers
-    const authorizationValid =
-      authorizationHeader &&
-      typeof authorizationHeader === 'string' &&
-      authorizationHeader.includes('Basic ');
-
-    // Construct clone URL depending on presence of authorization headers
-    const cloneUrl = authorizationValid
-      ? `https://${Buffer.from(authorizationHeader.split(' ')[1], 'base64')}@${action.url.replace(
-          /https*:\/\//,
-          '',
-        )}`
-      : action.url;
-
-    step.log(`Exectuting ${cmd}${authorizationValid ? ' with credentials' : ''}`);
-
-    const response = spawnSync('git', ['clone', cloneUrl, '--bare', '--progress'], {
+    step.log(`Exectuting ${cmd}`);
+
+    const response = spawnSync('git', ['clone', action.url, '--bare', '--progress'], {
       cwd: action.proxyGitPath,
       encoding: 'utf-8',
     });