From 8b434e2ac7231d308636a076cb5f806aabab24e4 Mon Sep 17 00:00:00 2001
From: Jean-Baptiste Lievremont <jeanbaptiste.lievremont@sonarsource.com>
Date: Tue, 14 May 2024 10:54:02 +0200
Subject: [PATCH 1/2] Share environment variable with URL to Artifactory at the
 job level

---
 .github/workflows/credcheck.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/credcheck.yml b/.github/workflows/credcheck.yml
index 579ad0d6f..08ca1c24a 100644
--- a/.github/workflows/credcheck.yml
+++ b/.github/workflows/credcheck.yml
@@ -10,6 +10,8 @@ jobs:
       contents: write
     runs-on: ubuntu-latest
     name: Check release credentials are valid
+    env:
+      ARTIFACTORY_URL: https://repox.jfrog.io/artifactory
     steps:
       - name: Checkout custom actions
         uses: actions/checkout@v3
@@ -29,6 +31,7 @@ jobs:
       - name: Check marketplace publisher personal access token
         if: ${{ !cancelled() }}
         env:
+          ARTIFACTORY_ACCESS_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }}
           VSCE_TOKEN: ${{ secrets.VISUALSTUDIO_PAT }}
         working-directory: ./.github/actions/vsce-publish
         run: |
@@ -39,6 +42,7 @@ jobs:
       - name: Check Microsoft marketplace publisher personal access token
         if: ${{ !cancelled() }}
         env:
+          ARTIFACTORY_ACCESS_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }}
           OPENVSX_TOKEN: ${{ secrets.OPENVSX_TOKEN }}
         working-directory: ./.github/actions/ovsx-publish
         run: |
@@ -49,7 +53,6 @@ jobs:
       - name: Check Artifactory reader token
         if: ${{ !cancelled() }}
         env:
-          ARTIFACTORY_URL: https://repox.jfrog.io/artifactory
           ARTIFACTORY_ACCESS_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }}
         run: |
           curl -s -o /dev/null \

From 35fa22b262e47f178cf7bd86238651ddc453d0cf Mon Sep 17 00:00:00 2001
From: Jean-Baptiste Lievremont <jeanbaptiste.lievremont@sonarsource.com>
Date: Tue, 14 May 2024 10:59:05 +0200
Subject: [PATCH 2/2] Follow redirects in Artifactory access check

---
 .github/workflows/credcheck.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/credcheck.yml b/.github/workflows/credcheck.yml
index 08ca1c24a..3f2a640e9 100644
--- a/.github/workflows/credcheck.yml
+++ b/.github/workflows/credcheck.yml
@@ -55,7 +55,7 @@ jobs:
         env:
           ARTIFACTORY_ACCESS_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }}
         run: |
-          curl -s -o /dev/null \
+          curl -L -s -o /dev/null \
             -w '%{http_code}\n' \
             -H "Authorization: Bearer ${ARTIFACTORY_ACCESS_TOKEN}" \
             "${ARTIFACTORY_URL}/sonarsource-releases/org/sonarsource/sonarlint/vscode/sonarlint-vscode"