`circleci orb validate` fails with private dependent orb from same namespace

Question

`circleci orb validate` fails with private dependent orb from same namespace

jschwanz opened this issue 2 years ago · comments

Jason Schwanz commented 2 years ago

Meta:

CircleCI CLI Version:

using image circleci/circleci-cli@sha256:eee9b00ad8929a528171d773e2ffc9d9f82fcd31c2e89a3da9f22bf17bf54bfc
0.1.19666+830e7ff (release)

Operating System:
Ubuntu 20.04

Current behavior:

I'm attempting to author a private orb that has a dependency on another private orb in the same namespace. When circleci orb validate runs as a part of orb-tools I get:

Error: Cannot find my-namespace/dep-orb@1.2.3 in the orb registry. Check that the namespace, orb name and version are correct.

Expected behavior:

I expect the orb validate process to be able to validate the use of private orbs from the same namespace.

praveenkeshri commented a year ago

?

Jason Schwanz · Answer 1 · Thu Jul 28 2022 05:45:59 GMT+0800 (China Standard Time)

This functionality already exists in circleci config validate with the --org-id and --org-slug arguments. It would be really nice to have it here, too.

Rafa Adonis · Answer 2 · Thu Aug 25 2022 04:41:34 GMT+0800 (China Standard Time)

Unfortunatelly I'm having the same problem.

Waiting for a solution

Adam Harvey · Answer 3 · Thu Sep 15 2022 23:26:54 GMT+0800 (China Standard Time)

We are having this problem with our orbs as well. Effectively, it means we can't really use the circleci orb validate command as most of our private orbs cross-reference each other now for ease of maintenance/encapsulation/reuse.

mcommons1 · Answer 4 · Fri Dec 16 2022 19:21:51 GMT+0800 (China Standard Time)

Is there any update on this issue?

Antoine DUBOIS · Answer 5 · Mon Feb 06 2023 16:48:07 GMT+0800 (China Standard Time)

After the security breach we experienced in CircleCI we migrated to private orbs and are now blocked by this.

Kelvin Tay · Answer 6 · Thu Mar 16 2023 08:38:18 GMT+0800 (China Standard Time)

thank you for your sharing folks!

I am tagging our developer experience team here @CircleCI-Public/developer-experience to see if we can offer any updates on this 🙏

Antoine DUBOIS · Answer 7 · Thu Mar 16 2023 21:05:58 GMT+0800 (China Standard Time)

Thank you @kelvintaywl for your support on this issue. Hopefully the developer-experience team will find time to update this.

JulesFaucherre · Answer 8 · Fri Mar 17 2023 22:26:29 GMT+0800 (China Standard Time)

Hello,

Developer from @CircleCI-Public/developer-experience , really sorry we took so much time to answer. We are starting looking into the problem. @jschwanz, the solution we are going to make will surely look something like this but we first need our back-end to support this so unfortunately it's going to take a bit more time.
Anyway we are looking into the issue and we should fix it soon

Tobias Deekens · Answer 9 · Thu Apr 20 2023 20:12:02 GMT+0800 (China Standard Time)

Thanks for the feedback @JulesFaucherre. Has there been any progress on this. Running into this is quite tedious to get around and I am sure fixing it would uplift how companies can adopt and use Orbs more easily.

JulesFaucherre · Answer 10 · Thu Apr 20 2023 22:10:30 GMT+0800 (China Standard Time)

Hello, yes sorry for not getting back to this before! This took us a bit more time than expected because we had dependencies on other teams. Now it's a bit more advanced and we should be releasing this fix by the beginning of next week!

zbenhadi · Answer 11 · Wed Apr 26 2023 16:03:59 GMT+0800 (China Standard Time)

I've opened a pull request to solve this problem: #922

The orb validate will be able to accept org-slug and/or org-id flags just like config validate command.

zbenhadi · Answer 12 · Tue May 02 2023 17:53:25 GMT+0800 (China Standard Time)

Hello again ! The PR has been merged and a new cli version has been released fixing this issue (https://github.com/CircleCI-Public/circleci-cli/releases/tag/v0.1.26255)

Thanks to everyone who participated in this issue !