docs clarifications that only for bit bucket

Signed-off-by: reggie-k <[email protected]>

cmd/argocd/commands/admin/repo.go

@@ -54,8 +54,8 @@ func NewGenRepoSpecCommand() *cobra.Command {
   # Add a private Git repository via HTTPS using username/password and TLS client certificates:
   argocd admin repo generate-spec https://git.example.com/repos/repo --username git --password secret --tls-client-cert-path ~/mycert.crt --tls-client-cert-key-path ~/mycert.key
 
-  # Add a private Git repository via HTTPS using bearer token:
-  argocd admin repo generate-spec https://git.example.com/repos/repo --bearer-token secret-token
+  # Add a private Git BitBucket repository via HTTPS using bearer token:
+  argocd admin repo generate-spec https://bitbucket.example.com/scm/proj/repo --bearer-token secret-token
 
   # Add a private Git repository via HTTPS using username/password without verifying the server's TLS certificate
   argocd admin repo generate-spec https://git.example.com/repos/repo --username git --password secret --insecure-skip-server-verification

cmd/argocd/commands/repocreds.go

@@ -66,6 +66,9 @@ func NewRepoCredsAddCommand(clientOpts *argocdclient.ClientOptions) *cobra.Comma
 	repocredsAddExamples := `  # Add credentials with user/pass authentication to use for all repositories under https://git.example.com/repos
   argocd repocreds add https://git.example.com/repos/ --username git --password secret
 
+  # Add credentials with bearer token authentication to use for all BitBucket repositories under https://bitbucket.example.com/scm
+  argocd repocreds add https://bitbucket.example.com/scm/ --bearer-token secret-token
+
   # Add credentials with SSH private key authentication to use for all repositories under ssh://[email protected]/repos
   argocd repocreds add ssh://[email protected]/repos/ --ssh-private-key-path ~/.ssh/id_rsa
 

cmd/util/repo.go

@@ -34,7 +34,7 @@ func AddRepoFlags(command *cobra.Command, opts *RepoOptions) {
 	command.Flags().StringVar(&opts.Repo.Project, "project", "", "project of the repository")
 	command.Flags().StringVar(&opts.Repo.Username, "username", "", "username to the repository")
 	command.Flags().StringVar(&opts.Repo.Password, "password", "", "password to the repository")
-	command.Flags().StringVar(&opts.Repo.BearerToken, "bearer-token", "", "bearer token to the Git repository")
+	command.Flags().StringVar(&opts.Repo.BearerToken, "bearer-token", "", "bearer token to the Git BitBucket repository")
 	command.Flags().StringVar(&opts.SshPrivateKeyPath, "ssh-private-key-path", "", "path to the private ssh key (e.g. ~/.ssh/id_rsa)")
 	command.Flags().StringVar(&opts.TlsClientCertPath, "tls-client-cert-path", "", "path to the TLS client cert (must be PEM format)")
 	command.Flags().StringVar(&opts.TlsClientCertKeyPath, "tls-client-cert-key-path", "", "path to the TLS client cert's key path (must be PEM format)")

pkg/apis/application/v1alpha1/repository_types.go

@@ -51,7 +51,7 @@ type RepoCreds struct {
 	NoProxy string `json:"noProxy,omitempty" protobuf:"bytes,23,opt,name=noProxy"`
 	// UseAzureWorkloadIdentity specifies whether to use Azure Workload Identity for authentication
 	UseAzureWorkloadIdentity bool `json:"useAzureWorkloadIdentity,omitempty" protobuf:"bytes,24,opt,name=useAzureWorkloadIdentity"`
-	// BearerToken contains the bearer token used for Git auth at the repo server
+	// BearerToken contains the bearer token used for Git BitBucket auth at the repo server
 	BearerToken string `json:"bearerToken,omitempty" protobuf:"bytes,25,opt,name=bearerToken"`
 }
 
@@ -106,7 +106,7 @@ type Repository struct {
 	NoProxy string `json:"noProxy,omitempty" protobuf:"bytes,23,opt,name=noProxy"`
 	// UseAzureWorkloadIdentity specifies whether to use Azure Workload Identity for authentication
 	UseAzureWorkloadIdentity bool `json:"useAzureWorkloadIdentity,omitempty" protobuf:"bytes,24,opt,name=useAzureWorkloadIdentity"`
-	// BearerToken contains the bearer token used for Git auth at the repo server
+	// BearerToken contains the bearer token used for Git BitBucket auth at the repo server
 	BearerToken string `json:"bearerToken,omitempty" protobuf:"bytes,25,opt,name=bearerToken"`
 }
 

util/git/creds.go

@@ -181,9 +181,7 @@ func (creds HTTPSCreds) BasicAuthHeader() string {
 }
 
 func (creds HTTPSCreds) BearerAuthHeader() string {
-	h := "Authorization: Bearer "
-	t := creds.bearerToken
-	h += base64.StdEncoding.EncodeToString([]byte(t))
+	h := "Authorization: Bearer " + creds.bearerToken
 	return h
 }
 
@@ -252,7 +250,12 @@ func (creds HTTPSCreds) Environ() (io.Closer, []string, error) {
 		// If bearer token is set, we will set ARGOCD_BEARER_AUTH_HEADER to	hold the HTTP authorization header
 		env = append(env, fmt.Sprintf("%s=%s", bearerAuthHeaderEnv, creds.BearerAuthHeader()))
 	}
-	nonce := creds.store.Add(text.FirstNonEmpty(creds.username, githubAccessTokenUsername), creds.password)
+	nonce := ""
+	// if creds.password != "" {
+	nonce = creds.store.Add(text.FirstNonEmpty(creds.username, githubAccessTokenUsername), creds.password)
+	// } else if creds.bearerToken != "" {
+	// 	nonce = creds.store.Add("", creds.bearerToken)
+	// }
 	env = append(env, creds.store.Environ(nonce)...)
 	return argoioutils.NewCloser(func() error {
 		creds.store.Remove(nonce)