From 14f946b630823c2af0bbd7f2f7aec8b8ff7e8c42 Mon Sep 17 00:00:00 2001 From: Sam Hanley Date: Wed, 25 Mar 2026 18:33:05 -0400 Subject: [PATCH] Persist authority URL auth header when repo has submodules --- src/Agent.Plugins/GitSourceProvider.cs | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/src/Agent.Plugins/GitSourceProvider.cs b/src/Agent.Plugins/GitSourceProvider.cs index 326f9b9143..1bff37add0 100644 --- a/src/Agent.Plugins/GitSourceProvider.cs +++ b/src/Agent.Plugins/GitSourceProvider.cs @@ -1228,6 +1228,27 @@ public async Task GetSourceAsync( throw new InvalidOperationException($"Git config failed with exit code: {exitCode_config}"); } } + + // persist credentials for authorityUrl so submodules at the same root domain can authenticate + if (checkoutSubmodules) + { + string authorityUrl = repositoryUrl.AbsoluteUri.Replace(repositoryUrl.PathAndQuery, string.Empty); + string submoduleConfigKey = $"http.{authorityUrl}.extraheader"; + configModifications[submoduleConfigKey] = configValue.Trim('\"'); + + if (gitUseSecureParameterPassing) + { + await SetAuthTokenInGitConfig(executionContext, gitCommandManager, targetPath, submoduleConfigKey, configValue.Trim('\"')); + } + else + { + int exitCode_config = await gitCommandManager.GitConfig(executionContext, targetPath, submoduleConfigKey, configValue); + if (exitCode_config != 0) + { + throw new InvalidOperationException($"Git config failed with exit code: {exitCode_config}"); + } + } + } } if (!gitSupportAuthHeader && !exposeCred)