- Notifications
You must be signed in to change notification settings - Fork689
Description
I have a number of Python Packages in private (company) repos and I am using GitHub Actions to run pytest on commits. One of the repos depends on packages from other repos. When pip runs from the Action, I see the following error:
Collecting pyconfig@ git+ssh://git@github.com/sxi/pyconfig@masterRunning command git clone -q 'ssh://****@github.com/sxi/pyconfig' /tmp/pip-install-wglwufhp/pyconfigCloning ssh://****@github.com/sxi/pyconfig (to revision master) to /tmp/pip-install-wglwufhp/pyconfigWarning: Permanently added the RSA host key for IP address '140.82.114.4' to the list of known hosts.git@github.com: Permission denied (publickey).fatal: Could not read from remote repository.Please make sure you have the correct access rightsand the repository exists.ERROR: Command errored out with exit status 128: git clone -q 'ssh://****@github.com/sxi/pyconfig' /tmp/pip-install-wglwufhp/pyconfig Check the logs for full command output.##[error]Process completed with exit code 1.Please document how the user can grant access to private repos to the Action. For example, I solved the problem using the following:
- For every Python package, create a step to check out the private repo
- name: Checkout pyconfig from a private repo uses: actions/checkout@v2 with: repository: <company>/pyconfig token: ${{ secrets.ACCESS_TOKEN }} path: pyconfig- Modify the “Install dependencies” stop to pip install each Python package sourced from a private repo
- name: Install dependencies run: | python -m pip install --upgrade pip pip install /home/runner/work/<path>/pyconfigWhile this works, it is a little tedious. Tech Support suggested I use HTTPS with a username and password to check out the packages from the private repositories. I would prefer to not use this method. It would likely require me to create and maintain a "fake" user account just for checking repositories in GitHub Actions. I would much prefer to use a personal access token (like I did above), but in a more simplified manner.