psalm-github-actions icon indicating copy to clipboard operation
psalm-github-actions copied to clipboard
verified publisher icon psalm

Private dependency installation fails

Open lancehudson opened this issue 2 years ago • 1 comments

The current version of ghcr.io/psalm/psalm-security-scan:5.12.0 does not have ssh in the container preventing the installation of private dependencies as described here https://github.com/psalm/psalm-github-actions/blob/master/README.md#auth-for-private-composer-repositories

$ docker run -ti --rm --entrypoint sh ghcr.io/psalm/psalm-security-scan:5.12.0 ssh
sh: can't open 'ssh': No such file or directory

Error from GitHub action

 Error: Failed to execute git clone --mirror -- 'ssh://[email protected]/my-org/my-dep.git' '/github/home/.composer/cache/vcs/ssh---git-github.com-my-org-my-dep.git/'
  
  Cloning into bare repository '/github/home/.composer/cache/vcs/ssh---git-github.com-my-org-my-dep.git'...
  error: cannot run ssh: No such file or directory
  fatal: unable to fork

I was able to resolve this by installing the dependencies in an earlier step, Is that the intended method?

lancehudson avatar Jun 15 '23 16:06 lancehudson

Definitely not intended: https://github.com/psalm/psalm-github-actions/blob/73f49b6857023123dfc809577888c31f6275afc9/Dockerfile#LL16C1-L16C47

weirdan avatar Jun 15 '23 18:06 weirdan