Skip to content

Missing support for project-level auth.json #932

New issue
New issue
Open
Open
Missing support for project-level auth.json#932
Labels
bug
@kasparsd

Description

@kasparsd
kasparsd
opened on Oct 25, 2024

Describe the bug

The documentation states that Satis supports project-level auth.json files:

satis/docs/using.md

Lines 215 to 217 in 2499574

The storage can be done either globally in the `COMPOSER_HOME/auth.json` file
(`COMPOSER_HOME` defaults to `~/.composer` or `%APPDATA%/Composer` on Windows)
or also in the project directory directly sitting besides your composer.json.

However, the current source code only supports global auth.json and doesn't use the project-level auth.json at all:

satis/src/Console/Command/BuildCommand.php

Lines 283 to 287 in 2499574

// load global auth file
$file = new JsonFile($config->get('home') . '/auth.json');
if ($file->exists()) {
$config->merge(['config' => $file->read()]);
}

To Reproduce

  1. Create a new project and require satis as a dependency in composer.json:

     {
     "name": "example/satis-example",
     "type": "project",
     "require": {
         "composer/satis": "^1.0"
     }
 }

  2. Add satis.json with a non-existent GitHub project repository (doesn't need to exist for this test):

     {
     "name": "satis/example",
     "homepage": "http://satis.example.com",
     "repositories": [
         { "type": "vcs", "url": "https://github.com/mycompany/privaterepo" }
     ],
     "archive": {
         "directory": "dist"
     },
     "require-all": true
 }

  3. Add auth.json to the current project directory by running composer config github-oauth.github.com token123 (doesn't have to be a valid token).

  4. Run the build vendor/bin/satis build -vvv -n satis.json public to produce the build and notice how it doesn't use the configured token:

Checked CA file /opt/homebrew/etc/ca-certificates/cert.pem: valid
Executing command (/path/to/project/satis-example): git branch -a --no-color --no-abbrev -v
Executing command (/path/to/project/satis-example): git describe --exact-match --tags
Executing command (CWD): git --version
Executing command (/path/to/project/satis-example): git log --pretty="%H" -n1 HEAD --no-show-signature
Executing command (/path/to/project/satis-example): hg branch
Executing command (/path/to/project/satis-example): fossil branch list
Executing command (/path/to/project/satis-example): fossil tag list
Executing command (/path/to/project/satis-example): svn info --xml
Failed to initialize global composer: Composer could not find the config file: /Users/kaspars/.composer/composer.json
To initialize a project, please create a composer.json file as described in the https://getcomposer.org/ "Getting Started" section
Reading /path/to/project/satis-example/vendor/composer/installed.json
Scanning packages
Downloading https://api.github.com/repos/mycompany/privaterepo
Executing command (CWD): git config github.accesstoken
Executing command (CWD): git clone --mirror -- '[email protected]:mycompany/privaterepo.git' '/Users/kaspars/.composer/cache/vcs/git-github.com-mycompany-privaterepo.git/'
Executing command (CWD): git config github.accesstoken
Executing command (CWD): git --version
Failed to clone the [email protected]:mycompany/privaterepo.git repository, try running in interactive mode so that you can enter your GitHub credentials

In Git.php line 404:
                                                                                                                                                     
  [RuntimeException]                                                                                                                                 
  Failed to execute git clone --mirror -- '[email protected]:mycompany/privaterepo.git' '/Users/kaspars/.composer/cache/vcs/git-github.com-mycompany-p  
  rivaterepo.git/'                                                                                                                                   
                                                                                                                                                     
  Cloning into bare repository '/Users/kaspars/.composer/cache/vcs/git-github.com-mycompany-privaterepo.git'...                                      
  ERROR: Repository not found.                                                                                                                       
  fatal: Could not read from remote repository.                                                                                                      
                                                                                                                                                     
  Please make sure you have the correct access rights                                                                                                
  and the repository exists.

Outcome

See above ☝️.

The $config->get('home') . '/auth.json' path points to the global Composer home directory so the local project-level auth.json isn't checked.

Expected behavior

Satis uses the auth.json data from the project root directory.

Additional context

None.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions