I have 2 private GitHub repositories (say A and B) in the organization (say ORG). Repository A has repository B in requirements.txt
:
-e git+git@github.com:ORG/B.git#egg=B
And I have the following workflow for A (in .github/workflows/test.yml
):
name: Python package
on: push
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install requirements
run: |
pip install -r requirements.txt
- name: Test with pytest
run: |
pytest ./tests
As B is private, it fails on installing it.
Is it possible to install B while testing A in this workflow if they are in the same organization? How?
Since access tokens are bound to an account and have write access to all its private repos, it's a very bad solution.
Instead, use deploy keys .
Deploy keys are simply SSH keys that you can use to clone a repo.
Once it's set, you can set the private key in the GitHub Action's SSH Agent. There's no need to import a third-party GitHub Action, a 2-liner will suffice.
eval `ssh-agent -s`
ssh-add - <<< '${{ secrets.PRIVATE_SSH_KEY }}'
pip install -r requirements.txt
I found that ssh-add
command here .
I did this way!
- uses: actions/checkout@v1
with:
repository: organization_name/repo_name
token: ${{ secrets.ACCESS_TOKEN }}
You need to provide a valid token, you can generate it following this guide
使用不带密码的 SSH 密钥访问存储库 B,或为该存储库创建访问令牌,然后使用访问令牌作为密码通过 HTTPS 访问该存储库: https://USERNAME:TOKEN@github.com/ORG/B.git
。
Instead of check out twice, all you need is provided the TOKEN for pip
to access repo B.
- name: Install requirements
run: |
git config --global url."https://${{ secrets.ACESS_TOKEN }}@github".insteadOf https://github
pip install -r requirements.txt
I added this line
git+https://YOUR_TOKEN_HERE@github.com/ORG/REPO_NAME.git@master#egg=REPO_NAME
to my requirements.txt
and it worked. But as other people mentioned, your token will be exposed to anyone having access to this repository. It is probably best to use a secret in your repository.
Complementing Philippe Remy's response ...
Note that #egg is not necessarily the name of the github repository. You will need to see this in setup.py
or setup.cfg
Using deployment keys you can do
- uses: actions/checkout@v2
with:
ssh-key: ${{ secrets.SSH_PRIVATE_KEY }}
repository: organization_name/repo_name
For this to work you need to
SSH_PRIVATE_KEY
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.