-
-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add COMPOSER_AUTH env variable to workflows #200
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed:
- While I'm not sure it will solve all the issues (the most recent ones point to an issue with powershell ?), I totally agree that this should help.
- Do we really need it in all workflows though ? Or only in the
integrationtest.yml
file ? (which is the only one which has been giving us trouble) - Is setting it via
env: COMPOSER_AUTH
the right way to set this ? Or should we leverage thesetup-php
action for this ? (which can set the Composer authentication up persistently)
Ref: https://github.com/shivammathur/setup-php#github-composer-authentication
Accidentaly pressed the "Request Review" button again. Sorry! |
From what I could see, the error in the powershell were triggered by composer, caused by the rate limit:
The fix was proposed in ramsey/composer-install#182 (comment) but sadly this change does not seem to fix the rate limit issue so another approach seems needed. I'll take a look at the setup-php docs. I just added it to all workflows that do a composer install/update just to be safe (as I have no idea how the rate limit between GitHub / Composer / GHA. Leaving this for now. |
@jrfnl I'm inclined to merge this as-is (as it shouldn't do any harm) or close it, and resolve any other items discussed here later (if at all). |
@Potherca In principle, I'm fine with that, though I do have two niggly questions:
Other than that, this probably should be rebased before merging. It also looks like one workflow was missed - |
Because of the amount of GitHub API calls composer does, the CI runs into a rate limit. This causes jobs to fail or be aborted. By adding the GITHUB_TOKEN as auth method, this can be avoided.
b31ac45
to
fdae151
Compare
Good questions! Some basic points, before answering the individual questions:
So, to answer the questions, in order:
|
@Potherca Thanks for that additional context. I've seen some interesting scenario's floating around about vulnerabilities and GHA, so yes, let's err on the side of caution and limit those workflow permissions. |
@jrfnl FYI: I've just set the "Workflow permissions" for the |
Thanks and should be straight-forward to check by triggering a build for each workflow (which I've done just now). I'll check in a couple of hours if the builds have passed and if so, I'll merge this PR. |
Proposed Changes
Because of the amount of GitHub API calls composer does, the CI runs into a rate limit. This causes jobs to fail or be aborted. Adding the GITHUB_TOKEN as auth method should avoid these rate limits.
Related Issues