Skip to content

Add support for private github repos via git:directory #2856

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 7 commits into
base: trunk
Choose a base branch
from
Open

Add support for private github repos via git:directory #2856

wants to merge 7 commits into from

Conversation

@akirk
Copy link
Member

@akirk akirk commented Nov 2, 2025
edited
Loading

Motivation for the change, related issues

Currently, WordPress Playground can only fetch git:directory resources from public Github repositories, private ones are not supported.

Related: #2182.

This PR adds Github OAuth authentication support for private repositories:

  • Load blueprints that reference private GitHub repositories
  • Fetch a token via Github OAuth and a user displayed dialog
  • Store the credentials (in memory or localStorage in dev mode, as previously)

Note: Because it uses Github OAuth and thus requires a Github user, this is not intended for demoing plugins that reside in private repos, rather for developers to run code in Playground that resides in their own private repositories.

Screenshot 2025-11-03 at 06 58 57

Implementation details

Authentication Flow

  • Added token storage and authentication helpers to git-sparse-checkout.ts
  • Git protocol functions now send HTTP Basic Auth headers for Github URLs
  • Throws GitHubAuthenticationError on 401/403 responses

UI

  • New modal prompts users to authenticate when accessing private repos

Technical Details

  • Changed OAuth scope from public_repo to repo
  • Full page reload after OAuth to retry blueprint with new token

Testing Instructions (or ideally a Blueprint)

Test with a private repository:

  {
    "steps": [{
      "step": "installPlugin",
      "pluginData": {
        "resource": "git:directory",
        "url": "https://github.com/YOUR-USERNAME/YOUR-PRIVATE-REPO",
        "ref": "HEAD"
      }
    }]
  }

Expected: Modal prompts for GitHub auth → redirects to GitHub → returns and loads repo successfully without showing modal again.

Verify: Public repos still work without auth, token persists in dev mode (localStorage), no modal persistence issues.

@akirk akirk requested a review from adamziel November 2, 2025 21:56
@akirk akirk force-pushed the git-private-repos branch from cfa80bf to 4f2f5f3 Compare November 2, 2025 22:04
adamziel
adamziel reviewed Nov 3, 2025
View reviewed changes
adamziel
adamziel reviewed Nov 3, 2025
View reviewed changes
adamziel
adamziel reviewed Nov 3, 2025
View reviewed changes
@akirk akirk force-pushed the git-private-repos branch from 0ce57bd to 06b1ae5 Compare November 5, 2025 09:05
@akirk
Copy link
Member Author

akirk commented Nov 5, 2025
edited
Loading

Thanks for the review, @adamziel. I have restructured this according to your feedback! I realize that we're modifying the parameters of the git:directory resource inside the blueprint but it seemed like the best way to trickle down the headers from the website to where we need it at the directory resource.

@akirk akirk mentioned this pull request Nov 6, 2025
Open
@akirk akirk requested a review from adamziel November 7, 2025 10:48
adamziel
adamziel reviewed Nov 7, 2025
View reviewed changes
packages/playground/website/src/github/git-auth-helpers.ts
'http://127.0.0.1:5263/cors-proxy.php?',
];

export function isGitHubUrl(url: string): boolean {
Copy link
Collaborator

@adamziel adamziel Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this used anywhere?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adamziel adamziel adamziel left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@akirk @adamziel