Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Composer updated to v2? #1924

Closed
3 of 7 tasks
carestad opened this issue Oct 28, 2020 · 12 comments
Closed
3 of 7 tasks

Composer updated to v2? #1924

carestad opened this issue Oct 28, 2020 · 12 comments
Labels
Area: PHP investigate Collect additional information, like space on disk, other tool incompatibilities etc. OS: Ubuntu

Comments

@carestad
Copy link

carestad commented Oct 28, 2020

Description
It seems that the composer version has been updated to v2 for runners now, which is causing a lot of distress since it isn't necessarily a plug-and-play upgrade. The virtual environment documentation has not been updated to reflect this, and it seems to be causing some issues (for us at least).

Is there a composer@v1 version still available or is the global composer now replaced with v2 for good?

Area for Triage:
PHP

Question, Bug, or Feature?:
Question

Virtual environments affected

  • Ubuntu 16.04
  • Ubuntu 18.04
  • Ubuntu 20.04
  • macOS 10.15
  • macOS 11.0
  • Windows Server 2016 R2
  • Windows Server 2019

Expected behavior
Successful running of composer install in our existing Laravel project.

Actual behavior

composer install now fails due to dependencies not being ready for composer@v2.

Repro steps

  1. Check out existing Laravel project
  2. Run composer install
@al-cheb al-cheb added investigate Collect additional information, like space on disk, other tool incompatibilities etc. OS: Ubuntu and removed needs triage labels Oct 28, 2020
@carestad
Copy link
Author

carestad commented Oct 28, 2020

It seems this is due to the PHP installer script just downloads the most recent version of composer from its installer URL (as described here: https://getcomposer.org/download/), and the composer people have probably quite recently changed it so you get the v2 when doing that now.

Perhaps it could be an idea to just curl/wget the latest v1 and/or v2 instead?

I guess it is up to you guys what version comes pre-installed. In my opinion, maybe downloading a more specific version is safer, so you have better control over which versions of software you pre-install on your runners.

I'll just work around it for now and overwrite /usr/bin/composer in my own recipes, but if you want to keep v2 then the documentation should maybe be updated 🙂

@tyrann0us
Copy link

Workaround using shivammathur/setup-php:

- name: Force Composer v1
  uses: shivammathur/setup-php@v2
  with:
    tools: composer:v1

Also see https://github.com/marketplace/actions/setup-php-action#wrench-tools-support.

Bildschirmfoto 2020-10-28 um 14 20 14

@al-cheb
Copy link
Contributor

al-cheb commented Oct 28, 2020

Hello, @carestad
As you mentioned above, we always try to install the latest version. If a deployment is not yet complete, we don't update documentation files in main branch. You can find a documentation file for current build or try to find a pr with delta - https://github.com/actions/virtual-environments/pulls (e.g. #1901):

image

@tyrann0us
Copy link

Not sure if this is clear or not: Contrary to the checkboxes ticked by @carestad, this issue not only affects Ubuntu 20.04, but also Ubuntu 18.04 (which is ubuntu-latest still).

@carestad
Copy link
Author

Hello, @carestad
As you mentioned above, we always try to install the latest version. If a deployment is not yet complete, we don't update documentation files in main branch. You can find a documentation file for current build or try to find a pr with delta - actions/virtual-environments/pulls (e.g. #1901):

image

Aha! Nice to know. Thanks for the info. 👍

@carestad
Copy link
Author

Not sure if this is clear or not: Contrary to the checkboxes ticked by @carestad, this issue not only affects Ubuntu 20.04, but also Ubuntu 18.04 (which is ubuntu-latest still).

That is true. The readme for 18.04 mentions this, and refers to this issue regarding that: #1816

@al-cheb
Copy link
Contributor

al-cheb commented Oct 29, 2020

The documentation files related to Ubuntu were updated in main branch.

@al-cheb al-cheb closed this as completed Oct 29, 2020
@zauni
Copy link

zauni commented Oct 30, 2020

As a temporary workaround it also helps to have a script section with sudo composer self-update --1 in it.

@Chrico
Copy link

Chrico commented Oct 30, 2020

As a temporary workaround it also helps to have a script section with sudo composer self-update --1 in it.

This will not work 100% safe, since the default User is "runner" and with sudo you'll write with a different User "root". This will change the folder permissions for Composer cache, which might causes problems for Composer and Composer Plugins which are trying to write to that cache folder.

sudo composer self-update --1
You are running composer as "root", while "/home/runner/.composer" is owned by "runner"

which results in:

Cannot create cache directory /home/runner/.composer/cache/repo/https---repo.packagist.org/, or directory is not writable. Proceeding without cache
Cannot create cache directory /home/runner/.composer/cache/files/, or directory is not writable. Proceeding without cache
Cannot create cache directory /home/runner/.composer/cache/repo/https---repo.packagist.org/, or directory is not writable. Proceeding without cache

@tyrann0us
Copy link

Am I the only one who finds it problematic that a "low-level API" like Composer has received a major upgrade on an existing operating system? I'm all for doing that on ubuntu-20.04, but Composer v2 breaks backward compatibility, so it should not be updated automatically on existing OSs IMHO.

The AWS CLI has not been updated to v2 either, although this version has been available for a long time.

@zauni
Copy link

zauni commented Oct 30, 2020

@Chrico Good to know!
I tried this script section in a Azure pipeline and here it was okay. Or maybe we don't have plugins which use the cache folder. Or in Github Actions it would be okay to leave the "sudo" away, but in Azure it was needed.

@hanoii
Copy link

hanoii commented Oct 30, 2020

This will not work 100% safe, since the default User is "runner" and with sudo you'll write with a different User "root".

In relation to #1924 (comment) I am doing

    - name: Make sure we are using composer v1
      run: |
        sudo composer self-update --1
        sudo chown $USER $HOME/.composer

Early on steps: which should make it 100% safe. At least is working for me and I am using the cache.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Area: PHP investigate Collect additional information, like space on disk, other tool incompatibilities etc. OS: Ubuntu
Projects
None yet
Development

No branches or pull requests

6 participants