djspiewak · jrouly · Mar 23, 2022
diff --git a/README.md b/README.md
@@ -44,6 +44,8 @@ You may also *optionally* specify a repository as the second argument. **This is
 
 This resolver will give you access to packages published on *any* repository within the organization. If the token provided in the authentication information only has access to public repositories, then packages published on private repositories will report "not found". If the token has access to private repositories as well as public, then all packages will be visible.
 
+#### Credentials
+
 You will need to ensure that `githubTokenSource` is set to *your* details (i.e. the authentication information for the individual who ran `sbt`). The `TokenSource` ADT has the following possibilities:
 
 ```scala
@@ -55,6 +57,7 @@ sealed trait TokenSource extends Product with Serializable {
 object TokenSource {
   final case class Environment(variable: String) extends TokenSource
   final case class GitConfig(key: String) extends TokenSource
+  final case class FromFile(file: File) extends TokenSource
   final case class Or(primary: TokenSource, secondary: TokenSource) extends TokenSource
 }
 ```
@@ -80,6 +83,14 @@ This assumes you have your token stored there like this:
   token = TOKEN_DATA
 ```
 
+To read a token from a local file you can use something like:
+
+```sbt
+githubTokenSource := TokenSource.FromFile(Path.userHome / ".sbt" / "github.token")
+```
+
+The first line of the file will be read in and used as the GitHub token.
+
 The `||` combinator allows you to configure multiple token sources which will be tried in order on first-read of the setting.
 
 Note that your CI server will need to set the `GITHUB_TOKEN` environment variable as well (if using the `Environment` token source), as well as any collaborators on your project. The environment-specific nature of these login credentials are a major part of why they are *not* just strings sitting in the `build.sbt` file. As an example, if you're using Travis, you can do something like the following:

diff --git a/src/main/scala/sbtghpackages/GitHubPackagesPlugin.scala b/src/main/scala/sbtghpackages/GitHubPackagesPlugin.scala
@@ -119,6 +119,10 @@ object GitHubPackagesPlugin extends AutoPlugin {
         resolveTokenSource(primary).orElse(
           resolveTokenSource(secondary))
 
+      case TokenSource.FromFile(file) =>
+        // Extract credentials from the first line of the file.
+        if (file.canRead) IO.readLines(file).headOption else None
+
       case TokenSource.Environment(variable) =>
         sys.env.get(variable)
 

diff --git a/src/main/scala/sbtghpackages/TokenSource.scala b/src/main/scala/sbtghpackages/TokenSource.scala
@@ -16,6 +16,8 @@
 
 package sbtghpackages
 
+import sbt.File
+
 sealed trait TokenSource extends Product with Serializable {
   def ||(that: TokenSource): TokenSource =
     TokenSource.Or(this, that)
@@ -24,5 +26,6 @@ sealed trait TokenSource extends Product with Serializable {
 object TokenSource {
   final case class Environment(variable: String) extends TokenSource
   final case class GitConfig(key: String) extends TokenSource
+  final case class FromFile(file: File) extends TokenSource
   final case class Or(primary: TokenSource, secondary: TokenSource) extends TokenSource
 }