gh-setup-git-identity 0.4.2 → 0.6.0

package/CHANGELOG.md

@@ -1,5 +1,41 @@
 # gh-setup-git-identity
 
+## 0.6.0
+
+### Minor Changes
+
+- 1094f06: feat: fully configurable support of `gh auth login`
+
+  Added configurable options for GitHub authentication that mirror all `gh auth login` flags:
+
+  - `--hostname`: GitHub hostname (default: `github.com`) - enables GitHub Enterprise support
+  - `--scopes` / `-s`: Authentication scopes (default: `repo,workflow,user,read:org,gist`)
+  - `--git-protocol` / `-p`: Git protocol - `ssh` or `https` (default: `https`)
+  - `--web` / `-w`: Open browser to authenticate (default: `true`)
+  - `--with-token`: Read token from stdin for non-interactive authentication
+  - `--skip-ssh-key`: Skip SSH key generation/upload prompt
+  - `--insecure-storage`: Store credentials in plain text instead of credential store
+  - `--clipboard`: Copy OAuth code to clipboard
+
+  These options can be configured via:
+
+  - CLI flags
+  - Environment variables (`GH_AUTH_HOSTNAME`, `GH_AUTH_SCOPES`, etc.)
+  - `.lenv` configuration file
+
+  The library also exports `defaultAuthOptions` object with all default values.
+
+## 0.5.0
+
+### Minor Changes
+
+- 071e6d3: feat: add --verify option to verify git identity configuration
+
+  - Added `--verify` CLI option to run all 3 verification commands at once
+  - Users can now use `gh-setup-git-identity --verify` instead of running individual commands
+  - Works with `--local` flag for local repository configuration
+  - Updated README with verification documentation and code blocks
+
 ## 0.4.2
 
 ### Patch Changes

package/README.md

@@ -74,6 +74,9 @@ gh-setup-git-identity --local
 # Preview what would be configured (dry run)
 gh-setup-git-identity --dry-run
 
+# Verify current git identity configuration
+gh-setup-git-identity --verify
+
 # Enable verbose output
 gh-setup-git-identity --verbose
 ```
@@ -83,13 +86,51 @@ gh-setup-git-identity --verbose
 ```
 Usage: gh-setup-git-identity [options]
 
-Options:
-  --global, -g     Set git config globally (default: true)
-  --local, -l      Set git config locally (in current repository)
-  --dry-run, --dry Dry run - show what would be done without making changes
-  --verbose, -v    Enable verbose output
-  --help, -h       Show help
-  --version        Show version number
+Git Identity Options:
+  --global, -g         Set git config globally (default: true)
+  --local, -l          Set git config locally (in current repository)
+  --dry-run, --dry     Dry run - show what would be done without making changes
+  --verify             Verify current git identity configuration
+  --verbose, -v        Enable verbose output
+
+GitHub Authentication Options:
+  --hostname           GitHub hostname to authenticate with (default: github.com)
+  --scopes, -s         Authentication scopes, comma-separated (default: repo,workflow,user,read:org,gist)
+  --git-protocol, -p   Protocol for git operations: ssh or https (default: https)
+  --web, -w            Open a browser to authenticate (default: true)
+  --with-token         Read token from standard input
+  --skip-ssh-key       Skip generate/upload SSH key prompt
+  --insecure-storage   Save credentials in plain text instead of credential store
+  --clipboard          Copy one-time OAuth device code to clipboard
+
+General Options:
+  --help, -h           Show help
+  --version            Show version number
+```
+
+### Advanced Authentication Examples
+
+```bash
+# Authenticate with GitHub Enterprise
+gh-setup-git-identity --hostname enterprise.github.com
+
+# Use SSH protocol instead of HTTPS
+gh-setup-git-identity --git-protocol ssh
+
+# Authenticate with custom scopes
+gh-setup-git-identity --scopes repo,user,gist
+
+# Use token-based authentication (reads from stdin)
+echo "ghp_xxxxx" | gh-setup-git-identity --with-token
+
+# Copy OAuth code to clipboard automatically
+gh-setup-git-identity --clipboard
+
+# Skip SSH key generation prompt
+gh-setup-git-identity --git-protocol ssh --skip-ssh-key
+
+# Store credentials in plain text (not recommended for production)
+gh-setup-git-identity --insecure-storage
 ```
 
 ### First Run (Not Authenticated)
@@ -136,6 +177,36 @@ You can verify your configuration with:
   git config --global user.email
 ```
 
+### Verifying Configuration
+
+You can verify your git identity configuration at any time using:
+
+```bash
+gh-setup-git-identity --verify
+```
+
+Or by running the three verification commands directly:
+
+```bash
+gh auth status
+git config --global user.name
+git config --global user.email
+```
+
+For local repository configuration, use `--local`:
+
+```bash
+gh-setup-git-identity --verify --local
+```
+
+Or:
+
+```bash
+gh auth status
+git config --local user.name
+git config --local user.email
+```
+
 ## Library Usage
 
 ### Basic Example
@@ -172,14 +243,39 @@ Check if GitHub CLI is authenticated.
 
 #### `runGhAuthLogin(options?)`
 
-Run `gh auth login` interactively with the required scopes.
+Run `gh auth login` with configurable options.
 
 **Parameters:**
+- `options.hostname` - GitHub hostname (default: `'github.com'`)
+- `options.scopes` - OAuth scopes, comma-separated (default: `'repo,workflow,user,read:org,gist'`)
+- `options.gitProtocol` - Git protocol: `'ssh'` or `'https'` (default: `'https'`)
+- `options.web` - Open browser to authenticate (default: `true`)
+- `options.withToken` - Read token from stdin (default: `false`)
+- `options.skipSshKey` - Skip SSH key prompt (default: `false`)
+- `options.insecureStorage` - Store credentials in plain text (default: `false`)
+- `options.clipboard` - Copy OAuth code to clipboard (default: `false`)
 - `options.verbose` - Enable verbose logging (default: `false`)
 - `options.logger` - Custom logger (default: `console`)
 
 **Returns:** `Promise<boolean>` - `true` if login was successful
 
+#### `defaultAuthOptions`
+
+Default authentication options object that can be imported and used as a reference:
+
+```javascript
+{
+  hostname: 'github.com',
+  scopes: 'repo,workflow,user,read:org,gist',
+  gitProtocol: 'https',
+  web: true,
+  withToken: false,
+  skipSshKey: false,
+  insecureStorage: false,
+  clipboard: false
+}
+```
+
 #### `getGitHubUserInfo(options?)`
 
 Get GitHub user information (username and primary email).
@@ -208,11 +304,23 @@ Get current git identity configuration.
 
 ### Environment Variables
 
+#### Git Identity Options
+
 - `GH_SETUP_GIT_IDENTITY_GLOBAL` - Set global config (default: `true`)
 - `GH_SETUP_GIT_IDENTITY_LOCAL` - Set local config (default: `false`)
 - `GH_SETUP_GIT_IDENTITY_DRY_RUN` - Enable dry run mode (default: `false`)
 - `GH_SETUP_GIT_IDENTITY_VERBOSE` - Enable verbose output (default: `false`)
 
+#### GitHub Authentication Options
+
+- `GH_AUTH_HOSTNAME` - GitHub hostname (default: `github.com`)
+- `GH_AUTH_SCOPES` - Authentication scopes (default: `repo,workflow,user,read:org,gist`)
+- `GH_AUTH_GIT_PROTOCOL` - Git protocol: `ssh` or `https` (default: `https`)
+- `GH_AUTH_WEB` - Open browser for authentication (default: `true`)
+- `GH_AUTH_SKIP_SSH_KEY` - Skip SSH key prompt (default: `false`)
+- `GH_AUTH_INSECURE_STORAGE` - Store credentials in plain text (default: `false`)
+- `GH_AUTH_CLIPBOARD` - Copy OAuth code to clipboard (default: `false`)
+
 ## Testing
 
 Run tests using bun:

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gh-setup-git-identity",
-  "version": "0.4.2",
+  "version": "0.6.0",
   "description": "A tool to setup git identity based on current gh user",
   "type": "module",
   "main": "src/index.js",

package/src/cli.js

@@ -7,13 +7,14 @@
  */
 
 import { makeConfig } from 'lino-arguments';
-import { setupGitIdentity, isGhAuthenticated, runGhAuthLogin } from './index.js';
+import { setupGitIdentity, isGhAuthenticated, runGhAuthLogin, verifyGitIdentity, defaultAuthOptions } from './index.js';
 
 // Parse command-line arguments with environment variable and .lenv support
 const config = makeConfig({
   yargs: ({ yargs, getenv }) =>
     yargs
       .usage('Usage: $0 [options]')
+      // Git identity options
       .option('global', {
         alias: 'g',
         type: 'boolean',
@@ -38,22 +39,136 @@ const config = makeConfig({
         description: 'Dry run mode - show what would be done without making changes',
         default: getenv('GH_SETUP_GIT_IDENTITY_DRY_RUN', false)
       })
+      .option('verify', {
+        type: 'boolean',
+        description: 'Verify current git identity configuration',
+        default: false
+      })
+      // gh auth login options
+      .option('hostname', {
+        type: 'string',
+        description: 'GitHub hostname to authenticate with',
+        default: getenv('GH_AUTH_HOSTNAME', defaultAuthOptions.hostname)
+      })
+      .option('scopes', {
+        alias: 's',
+        type: 'string',
+        description: 'Additional authentication scopes to request (comma-separated)',
+        default: getenv('GH_AUTH_SCOPES', defaultAuthOptions.scopes)
+      })
+      .option('git-protocol', {
+        alias: 'p',
+        type: 'string',
+        description: 'Protocol for git operations: ssh or https',
+        choices: ['ssh', 'https'],
+        default: getenv('GH_AUTH_GIT_PROTOCOL', defaultAuthOptions.gitProtocol)
+      })
+      .option('web', {
+        alias: 'w',
+        type: 'boolean',
+        description: 'Open a browser to authenticate',
+        default: getenv('GH_AUTH_WEB', defaultAuthOptions.web)
+      })
+      .option('with-token', {
+        type: 'boolean',
+        description: 'Read token from standard input',
+        default: false
+      })
+      .option('skip-ssh-key', {
+        type: 'boolean',
+        description: 'Skip generate/upload SSH key prompt',
+        default: getenv('GH_AUTH_SKIP_SSH_KEY', defaultAuthOptions.skipSshKey)
+      })
+      .option('insecure-storage', {
+        type: 'boolean',
+        description: 'Save authentication credentials in plain text instead of credential store',
+        default: getenv('GH_AUTH_INSECURE_STORAGE', defaultAuthOptions.insecureStorage)
+      })
+      .option('clipboard', {
+        type: 'boolean',
+        description: 'Copy one-time OAuth device code to clipboard',
+        default: getenv('GH_AUTH_CLIPBOARD', defaultAuthOptions.clipboard)
+      })
       .check((argv) => {
         // --global and --local are mutually exclusive
         if (argv.global && argv.local) {
           throw new Error('Arguments global and local are mutually exclusive');
         }
+        // --web and --with-token are mutually exclusive
+        if (argv.web && argv.withToken) {
+          throw new Error('Arguments web and with-token are mutually exclusive');
+        }
         return true;
       })
       .example('$0', 'Setup git identity globally using GitHub user')
       .example('$0 --local', 'Setup git identity for current repository only')
       .example('$0 --dry-run', 'Show what would be configured without making changes')
+      .example('$0 --verify', 'Verify current git identity configuration')
+      .example('$0 --hostname enterprise.github.com', 'Authenticate with GitHub Enterprise')
+      .example('$0 --scopes repo,user,gist', 'Authenticate with custom scopes')
+      .example('$0 --git-protocol ssh', 'Use SSH protocol for git operations')
+      .example('$0 --with-token < token.txt', 'Authenticate using a token file')
       .help('h')
       .alias('h', 'help')
       .version('0.1.0')
       .strict(),
 });
 
+/**
+ * Run verification commands and display results
+ * @param {string} scope - 'global' or 'local'
+ * @param {boolean} verbose - Enable verbose logging
+ */
+async function runVerify(scope, verbose) {
+  const scopeFlag = scope === 'local' ? '--local' : '--global';
+
+  console.log('Verifying git identity configuration...');
+  console.log('');
+
+  // 1. Run gh auth status
+  console.log('1. GitHub CLI authentication status:');
+  console.log('   $ gh auth status');
+  console.log('');
+
+  const { spawn } = await import('node:child_process');
+
+  // Run gh auth status interactively to show full output
+  await new Promise((resolve) => {
+    const child = spawn('gh', ['auth', 'status'], { stdio: 'inherit' });
+    child.on('close', resolve);
+    child.on('error', resolve);
+  });
+
+  console.log('');
+
+  // 2. Get git config user.name
+  console.log(`2. Git user.name (${scope}):`);
+  console.log(`   $ git config ${scopeFlag} user.name`);
+
+  const identity = await verifyGitIdentity({ scope, verbose });
+
+  if (identity.username) {
+    console.log(`   ${identity.username}`);
+  } else {
+    console.log('   (not set)');
+  }
+
+  console.log('');
+
+  // 3. Get git config user.email
+  console.log(`3. Git user.email (${scope}):`);
+  console.log(`   $ git config ${scopeFlag} user.email`);
+
+  if (identity.email) {
+    console.log(`   ${identity.email}`);
+  } else {
+    console.log('   (not set)');
+  }
+
+  console.log('');
+  console.log('Verification complete!');
+}
+
 /**
  * Main CLI function
  */
@@ -62,19 +177,38 @@ async function main() {
     // Determine scope
     const scope = config.local ? 'local' : 'global';
 
+    // Handle --verify mode
+    if (config.verify) {
+      await runVerify(scope, config.verbose);
+      process.exit(0);
+    }
+
     // Check if gh is authenticated
     const authenticated = await isGhAuthenticated({ verbose: config.verbose });
 
     if (!authenticated) {
       console.log('GitHub CLI is not authenticated. Starting authentication...');
 
-      // Automatically run gh auth login
-      const loginSuccess = await runGhAuthLogin({ verbose: config.verbose });
+      // Prepare auth options from CLI arguments
+      const authOptions = {
+        hostname: config.hostname,
+        scopes: config.scopes,
+        gitProtocol: config.gitProtocol,
+        web: config.web,
+        withToken: config.withToken,
+        skipSshKey: config.skipSshKey,
+        insecureStorage: config.insecureStorage,
+        clipboard: config.clipboard,
+        verbose: config.verbose
+      };
+
+      // Automatically run gh auth login with configured options
+      const loginSuccess = await runGhAuthLogin(authOptions);
 
       if (!loginSuccess) {
         console.log('');
         console.log('Authentication failed. Please try running manually:');
-        console.log('  printf "y" | gh auth login -h github.com -s repo,workflow,user,read:org,gist --git-protocol https --web');
+        console.log(`  printf "y" | gh auth login -h ${config.hostname} -s ${config.scopes} --git-protocol ${config.gitProtocol} --web`);
         process.exit(1);
       }
     }

package/src/index.js

@@ -114,27 +114,97 @@ function execInteractiveCommand(command, args = [], options = {}) {
   });
 }
 
+/**
+ * Default options for gh auth login
+ */
+export const defaultAuthOptions = {
+  hostname: 'github.com',
+  scopes: 'repo,workflow,user,read:org,gist',
+  gitProtocol: 'https',
+  web: true,
+  withToken: false,
+  skipSshKey: false,
+  insecureStorage: false,
+  clipboard: false
+};
+
 /**
  * Run gh auth login interactively
  *
  * @param {Object} options - Options
+ * @param {string} options.hostname - GitHub hostname (default: 'github.com')
+ * @param {string} options.scopes - OAuth scopes, comma-separated (default: 'repo,workflow,user,read:org,gist')
+ * @param {string} options.gitProtocol - Git protocol: 'ssh' or 'https' (default: 'https')
+ * @param {boolean} options.web - Open browser to authenticate (default: true)
+ * @param {boolean} options.withToken - Read token from stdin (default: false)
+ * @param {boolean} options.skipSshKey - Skip SSH key generation/upload prompt (default: false)
+ * @param {boolean} options.insecureStorage - Store credentials in plain text (default: false)
+ * @param {boolean} options.clipboard - Copy OAuth code to clipboard (default: false)
  * @param {boolean} options.verbose - Enable verbose logging
  * @param {Object} options.logger - Custom logger
  * @returns {Promise<boolean>} True if login was successful
  */
 export async function runGhAuthLogin(options = {}) {
-  const { verbose = false, logger = console } = options;
+  const {
+    hostname = defaultAuthOptions.hostname,
+    scopes = defaultAuthOptions.scopes,
+    gitProtocol = defaultAuthOptions.gitProtocol,
+    web = defaultAuthOptions.web,
+    withToken = defaultAuthOptions.withToken,
+    skipSshKey = defaultAuthOptions.skipSshKey,
+    insecureStorage = defaultAuthOptions.insecureStorage,
+    clipboard = defaultAuthOptions.clipboard,
+    verbose = false,
+    logger = console
+  } = options;
+
   const log = createDefaultLogger({ verbose, logger });
 
-  // Run gh auth login with the required scopes
-  // Use 'y' as input to confirm default account selection
-  const result = await execInteractiveCommand('gh', [
-    'auth', 'login',
-    '-h', 'github.com',
-    '-s', 'repo,workflow,user,read:org,gist',
-    '--git-protocol', 'https',
-    '--web'
-  ], { input: 'y\n' });
+  // Build the arguments for gh auth login
+  const args = ['auth', 'login'];
+
+  // Add hostname
+  if (hostname) {
+    args.push('-h', hostname);
+  }
+
+  // Add scopes
+  if (scopes) {
+    args.push('-s', scopes);
+  }
+
+  // Add git protocol
+  if (gitProtocol) {
+    args.push('--git-protocol', gitProtocol);
+  }
+
+  // Add boolean flags
+  if (web && !withToken) {
+    args.push('--web');
+  }
+
+  if (withToken) {
+    args.push('--with-token');
+  }
+
+  if (skipSshKey) {
+    args.push('--skip-ssh-key');
+  }
+
+  if (insecureStorage) {
+    args.push('--insecure-storage');
+  }
+
+  if (clipboard && web && !withToken) {
+    args.push('--clipboard');
+  }
+
+  log.debug(() => `Running: gh ${args.join(' ')}`);
+
+  // Run gh auth login
+  // Use 'y' as input to confirm default account selection (only needed for interactive mode)
+  const inputValue = withToken ? undefined : 'y\n';
+  const result = await execInteractiveCommand('gh', args, { input: inputValue });
 
   if (result.exitCode !== 0) {
     log.error(() => 'GitHub CLI authentication failed');
@@ -368,6 +438,7 @@ export async function verifyGitIdentity(options = {}) {
 }
 
 export default {
+  defaultAuthOptions,
   isGhAuthenticated,
   runGhAuthLogin,
   getGitHubUsername,

package/test/index.test.js

@@ -10,7 +10,8 @@ import {
   getGitHubEmail,
   getGitHubUserInfo,
   getGitConfig,
-  verifyGitIdentity
+  verifyGitIdentity,
+  defaultAuthOptions
 } from '../src/index.js';
 
 // Note: These tests require gh to be authenticated
@@ -89,10 +90,42 @@ test('runGhAuthLogin - is exported as a function', async () => {
   assert.equal(typeof runGhAuthLogin, 'function');
 });
 
+// Test: defaultAuthOptions is exported and has correct structure
+test('defaultAuthOptions - is exported with correct default values', async () => {
+  assert.ok(typeof defaultAuthOptions === 'object');
+  assert.equal(defaultAuthOptions.hostname, 'github.com');
+  assert.equal(defaultAuthOptions.scopes, 'repo,workflow,user,read:org,gist');
+  assert.equal(defaultAuthOptions.gitProtocol, 'https');
+  assert.equal(defaultAuthOptions.web, true);
+  assert.equal(defaultAuthOptions.withToken, false);
+  assert.equal(defaultAuthOptions.skipSshKey, false);
+  assert.equal(defaultAuthOptions.insecureStorage, false);
+  assert.equal(defaultAuthOptions.clipboard, false);
+});
+
+// Test: defaultAuthOptions contains all expected keys
+test('defaultAuthOptions - contains all expected keys', async () => {
+  const expectedKeys = [
+    'hostname',
+    'scopes',
+    'gitProtocol',
+    'web',
+    'withToken',
+    'skipSshKey',
+    'insecureStorage',
+    'clipboard'
+  ];
+
+  for (const key of expectedKeys) {
+    assert.ok(key in defaultAuthOptions, `Missing key: ${key}`);
+  }
+});
+
 // Test: module exports
 test('module exports all expected functions', async () => {
   const module = await import('../src/index.js');
 
+  assert.ok(typeof module.defaultAuthOptions === 'object');
   assert.ok(typeof module.isGhAuthenticated === 'function');
   assert.ok(typeof module.runGhAuthLogin === 'function');
   assert.ok(typeof module.getGitHubUsername === 'function');
@@ -110,6 +143,7 @@ test('default export contains all functions', async () => {
   const defaultExport = module.default;
 
   assert.ok(typeof defaultExport === 'object');
+  assert.ok(typeof defaultExport.defaultAuthOptions === 'object');
   assert.ok(typeof defaultExport.isGhAuthenticated === 'function');
   assert.ok(typeof defaultExport.runGhAuthLogin === 'function');
   assert.ok(typeof defaultExport.getGitHubUsername === 'function');