ci: Add temporary gitconfig to clone private dependency over SSH #3
Conversation
|
Hey @yim-lee. I think the soundness pipeline for this repo has been configured differently from the swift-openapi-runtime CI. In runtime CI we see: —link But for this repo, we see the following command being run: — link Maybe this was because you were trying to workaround the private dependency? In this case, I think this PR solves the issue in a way that allows the pipelines to be configured "normally". Would you mind reverting the change in CI (if you made one) to confirm? Just confirmed that both of these commands run fine locally:
|
|
@swift-server-bot test this please |
|
A run without the CI change: https://ci.swiftserver.group/job/swift-openapi-generator-soundness-pr1b/9/console CI has to inject SSH key into the docker container for cloning to work and that's what the change does. |
|
@swift-server-bot test this please |
|
Soundness check failed because of this error: Probably because we didn't set option |
|
@yim-lee On the CI user, is the SSH key not placed in |
Unfortunately CI isn't set up quite like that so this doesn't work. When we ran into this issue in the past for a different project, we tried a few things and the change applied here was the one that worked. |
|
Thanks for working on this Yim. We'll merge this and roll out a similar change in the transport repos. |
Use an SSH URL to fetch Runtime in CI (Same as: apple/swift-openapi-generator#3) ### Motivation Until the swift-openapi-runtime repository is made public, it cannot be cloned using a HTTPS package URL without authentication, which is what this package is using in its Package.swift. This means CI isn't able to run for this package. However, CI is able to clone this repository over SSH, which presents an opportunity for a temporary workaround. ### Modifications Add a temporary step to the Docker Compose CI flow, which creates a Git config in a shared ephemeral volume with the following contents: ```gitconfig [url "git@github.com:apple/swift-openapi-runtime"] insteadOf = https://github.com/apple/swift-openapi-runtime ``` ### Result The CI should be able to clone the private dependency and then succeed. ### Test Plan Locally, this works: ```console ❯ docker-compose -f docker/docker-compose.yaml -f docker/docker-compose.2204.58.yaml run test ... + swift test -Xswiftc -warnings-as-errors --explicit-target-dependency-import-check error ... Fetching https://github.com/apple/swift-openapi-runtime ... Fetched https://github.com/apple/swift-openapi-runtime (2.68s) ... Executed 86 tests, with 0 failures (0 unexpected) in 3.265 (3.265) seconds ``` Also, if we use can use the `shell` Docker Compose service to see things are configured correctly: ```console root@20ab69e3f292:/code# echo $GIT_CONFIG_GLOBAL /ci-gitconfig/gitconfig root@20ab69e3f292:/code# cat $GIT_CONFIG_GLOBAL [url "git@github.com:apple/swift-openapi-runtime"] insteadOf = https://github.com/apple/swift-openapi-runtime ``` Reviewed by: simonjbeaumont Builds: ✔︎ pull request validation (5.8) - Build finished. ✔︎ pull request validation (5.9) - Build finished. ✔︎ pull request validation (nightly) - Build finished. ✔︎ pull request validation (soundness) - Build finished. #3
Use an SSH URL to fetch Runtime in CI (Same as: apple/swift-openapi-generator#3) ### Motivation Until the swift-openapi-runtime repository is made public, it cannot be cloned using a HTTPS package URL without authentication, which is what this package is using in its Package.swift. This means CI isn't able to run for this package. However, CI is able to clone this repository over SSH, which presents an opportunity for a temporary workaround. ### Modifications Add a temporary step to the Docker Compose CI flow, which creates a Git config in a shared ephemeral volume with the following contents: ```gitconfig [url "git@github.com:apple/swift-openapi-runtime"] insteadOf = https://github.com/apple/swift-openapi-runtime ``` ### Result The CI should be able to clone the private dependency and then succeed. ### Test Plan Locally, this works: ```console ❯ docker-compose -f docker/docker-compose.yaml -f docker/docker-compose.2204.58.yaml run test ... + swift test -Xswiftc -warnings-as-errors --explicit-target-dependency-import-check error ... Fetching https://github.com/apple/swift-openapi-runtime ... Fetched https://github.com/apple/swift-openapi-runtime (2.68s) ... Executed 86 tests, with 0 failures (0 unexpected) in 3.265 (3.265) seconds ``` Also, if we use can use the `shell` Docker Compose service to see things are configured correctly: ```console root@20ab69e3f292:/code# echo $GIT_CONFIG_GLOBAL /ci-gitconfig/gitconfig root@20ab69e3f292:/code# cat $GIT_CONFIG_GLOBAL [url "git@github.com:apple/swift-openapi-runtime"] insteadOf = https://github.com/apple/swift-openapi-runtime ``` Reviewed by: simonjbeaumont Builds: ✔︎ pull request validation (5.8) - Build finished. ✔︎ pull request validation (5.9) - Build finished. ✔︎ pull request validation (nightly) - Build finished. ✔︎ pull request validation (soundness) - Build finished. #3
### Motivation The repo is public now. There is no need for the workaround anymore. ### Modifications Remove gitconfig workaround added in #3
Motivation
Until the swift-openapi-runtime repository is made public, it cannot be cloned using a HTTPS package URL without authentication, which is what this package is using in its Package.swift.
This means CI isn't able to run for this package. However, CI is able to clone this repository over SSH, which presents an opportunity for a temporary workaround.
Modifications
Add a temporary step to the Docker Compose CI flow, which creates a Git config in a shared ephemeral volume with the following contents:
Result
The CI should be able to clone the private dependency and then succeed.
Test Plan
Locally, this works:
Also, if we use can use the
shellDocker Compose service to see things are configured correctly: