support http.extraheader
#262
Comments
|
@pmrowla What is the level of effort to support |
|
@dberenbaum I think it would probably take me about a full sprint. One thing to note here is that the git |
|
Discussed that this isn't a priority for now given the level of effort and ability to handle this in |
|
For the record we hit the same issue with Also, AFAIU |
|
@shcheklein Can we recommend to include |
|
@dacbd Do you know what exactly are the requirements to include in a GHA workflow in order to push tags via gto? |
we probably can. But it also means we'll need to do the same with gto for example which becomes a bit heavy and unexpected (at least by its name - setup-cml, setup-dvc). Also, by biggest concern that it requires and extra token to be set - |
I can't find it ATM, but we had some discussion about whether we should consolidate to use a single action everywhere like
@dacbd To confirm, is it required to include this? env:
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}@shcheklein Is your main concern about including this or managing the secret in GH? I think it only uses the auto-generated |
If that's the case, it less important to address then. I was not sure (and I'm still not) about this. I tried to use it here https://github.com/shcheklein/PR-Merge-Register and the action failed with: {"level":"error","message":"token not found","stack":"Error: token not found\n at new Github (/usr/local/lib/node_modules/@dvcorg/cml/src/drivers/github.js:91:23)\n at CML.getDriver (/usr/local/lib/node_modules/@dvcorg/cml/src/cml.js:161:35)\n at CML.ci (/usr/local/lib/node_modules/@dvcorg/cml/src/cml.js:487:25)\n at exports.handler (/usr/local/lib/node_modules/@dvcorg/cml/bin/cml/repo/prepare.js:13:13)\n at /usr/local/lib/node_modules/@dvcorg/cml/node_modules/yargs/build/index.cjs:1:8993\n at /usr/local/lib/node_modules/@dvcorg/cml/node_modules/yargs/build/index.cjs:1:4949"}I haven't had to time dig further tbh so see if it's about token being required or something else. |
|
Can we just add the token rewriting patch to scmrepo if it detects its running in github actions? Until there is proper support for I try and do a draft PR so you can see what it might look like.
Just need to include a custom auth header when pushing git refs over https |
will it be rewriting the token that GH provides? |
|
@shcheklein no, we just need to pull token out of the git config entry and add it in the git origin as a username/password. approx: |
|
sounds good, @pmrowla to save you a click on how did this. |
|
I don't think a GHA specific patch belongs in scmrepo, iirc some other users encountered a similar issue with aws codecommit and whatever their CI equivalent is. If this is a priority we should just fix it properly and add support for |
can it be generalized on the would it be faster compared to changing it upstream? Clearly it's the right way to do this, if it takes let's say 10x more time then it might make sense to consider alternatives. |
|
It can't be generalized at the scmrepo level since the headers have to be set in the actual HTTP requests (that are crafted entirely in the upstream git backends). The GHA example would work purely in scmrepo since the way GHA uses it ends up just setting the HTTP basic But the |
|
Got it. Have you seen other (more or less meaningful, production) use case for the |
|
Azure pipelines CI uses it to set the |
|
Can GTO fallback to using CLI Git? |
|
We could make GTO init the scmrepo instances with gitpython as the highest priority backend, but that's still not ideal since it means DVC will end up using gitpython when it calls into GTO. |
|
What about trying to prioritize gitpython in scmrepo if we detect we are in GitHub? Fixing in dulwich sounds best but the full sprint estimate makes it hard to prioritize. |
jelmer/dulwich#882
in libgit2/pygit2 this requires exposing
git_fetch_options.extra_headersin the pygit remote callbacksThe text was updated successfully, but these errors were encountered: