dependabot / dependabot-core

🤖 Dependabot's core logic for creating update PRs.

Home Page: https://docs.github.com/en/code-security/dependabot

Cannot reach private Azure Repo git URL with composer

FinishingLine opened this issue

Is there an existing issue for this?

  • I have searched the existing issues

Package ecosystem

Docker

Package manager version

No response

Language version

Ruby 3.3.1

Manifest location and content before the Dependabot update

No response

dependabot.yml content

version: 2
updates:
- package-ecosystem: "composer"
  directory: "/"
  schedule:
    interval: "daily"
    time: "00:00"
  pull-request-branch-name:
    separator: "/"
  target-branch: "develop"
  commit-message:
    prefix: "🚧 build"

Updated dependency

No response

What you expected to see, versus what you actually saw

I have a composer file that I'm trying to get Dependabot to run, but it seems to be struggling with connecting to Azure Repos to access the private repo. It seems to have no issue querying Twig, etc., but once it appears to hit the private repo an error is experienced.

Composer:

{
	"name": "my/package",
	"description": "My Package",
	"config": {
		"cache-files-maxsize": "500M",
		"allow-plugins": {
			"dealerdirect/phpcodesniffer-composer-installer": true,
			"phpstan/extension-installer": true,
			"kylekatarnls/update-helper": true
		},
		"platform": {
			"php": "8.1.25"
		}
	},
	"minimum-stability": "dev",
	"require": {
		"php": ">=8.1.25",
		"my/package": "dev-main",
		"twig/twig": "^3.8",
		"guzzlehttp/guzzle": "^6.3",
		...
	},
	....
	"repositories": [
		{
			"type": "git",
			"url": "https://myorgname@dev.azure.com/myorgname/mypackage/_git/mypackage"
		}
	]
}

The execution:

/usr/bin/docker run --rm -i -e GITHUB_ACCESS_TOKEN=*** -e DEPENDABOT_PACKAGE_MANAGER=composer -e DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT=5 -e DEPENDABOT_DIRECTORY=/ -e DEPENDABOT_TARGET_BRANCH=develop -e DEPENDABOT_BRANCH_NAME_SEPARATOR=/ -e DEPENDABOT_COMMIT_MESSAGE_OPTIONS={"prefix":"🚧 build"} -e DEPENDABOT_FAIL_ON_EXCEPTION=true -e DEPENDABOT_CLOSE_PULL_REQUESTS=true -e AZURE_ORGANIZATION=myorgname -e AZURE_PROJECT=myproject -e AZURE_REPOSITORY=myproject -e AZURE_ACCESS_TOKEN=*** -e AZURE_MERGE_STRATEGY=squash -e AZURE_SET_AUTO_COMPLETE=true -e DEPENDABOT_MILESTONE=5923 ghcr.io/tinglesoftware/dependabot-updater-composer:1.29 update_script

The error output:

...
Checking if my/package 0754f8121cc30e7e080a0905ca89f2105982f356 needs updating
🌍 --> GET https://dev.azure.com/myorgname/mypackage/_git/mypackage/info/refs?service=git-upload-pack
🌍 <-- 200 https://dev.azure.com/myorgname/mypackage/_git/mypackage/info/refs?service=git-upload-pack
No update needed for my/package 0754f8121cc30e7e080a0905ca89f2105982f356
Checking if twig/twig 3.8.0 needs updating
🌍 --> GET https://repo.packagist.org/p2/twig/twig.json
🌍 <-- 200 https://repo.packagist.org/p2/twig/twig.json
/home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-composer-0.260.0/lib/dependabot/composer/update_checker/version_resolver.rb:263:in `handle_composer_errors': The following git URLs could not be retrieved: https://dev.azure.com/myorgname/mypackage/_git/mypackage (Dependabot::GitDependenciesNotReachable)
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-composer-0.260.0/lib/dependabot/composer/update_checker/version_resolver.rb:91:in `rescue in fetch_latest_resolvable_version_string'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-composer-0.260.0/lib/dependabot/composer/update_checker/version_resolver.rb:81:in `fetch_latest_resolvable_version_string'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-composer-0.260.0/lib/dependabot/composer/update_checker/version_resolver.rb:68:in `fetch_latest_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-composer-0.260.0/lib/dependabot/composer/update_checker/version_resolver.rb:55:in `latest_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-composer-0.260.0/lib/dependabot/composer/update_checker.rb:37:in `latest_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/update_checkers/base.rb:127:in `preferred_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/update_checkers/base.rb:344:in `preferred_version_resolvable_with_unlock?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/update_checkers/base.rb:335:in `numeric_version_can_update?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/update_checkers/base.rb:278:in `version_can_update?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/update_checkers/base.rb:94:in `can_update?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from bin/update_script.rb:599:in `block in <main>'
	from bin/update_script.rb:549:in `each'
	from bin/update_script.rb:549:in `<main>'
/home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/shared_helpers.rb:189:in `run_helper_subprocess': Failed to execute git clone --mirror -- 'https://myorgname@dev.azure.com/myorgname/mypackage/_git/mypackage' '/home/dependabot/.cache/composer/vcs/https---myorgname-dev.azure.com-myorgname-mypackage--git-mypackage/' (Dependabot::SharedHelpers::HelperSubprocessFailed)

Cloning into bare repository '/home/dependabot/.cache/composer/vcs/https---myorgname-dev.azure.com-myorgname-mypackage--git-mypackage'...
fatal: Authentication failed for 'https://dev.azure.com/myorgname/mypackage/_git/mypackage/'

	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:191:in `block in create_validator_slow'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-composer-0.260.0/lib/dependabot/composer/update_checker/version_resolver.rb:142:in `run_update_checker'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-composer-0.260.0/lib/dependabot/composer/update_checker/version_resolver.rb:85:in `block in fetch_latest_resolvable_version_string'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/shared_helpers.rb:81:in `block in in_a_temporary_directory'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/shared_helpers.rb:81:in `chdir'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/shared_helpers.rb:81:in `in_a_temporary_directory'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-composer-0.260.0/lib/dependabot/composer/update_checker/version_resolver.rb:83:in `fetch_latest_resolvable_version_string'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-composer-0.260.0/lib/dependabot/composer/update_checker/version_resolver.rb:68:in `fetch_latest_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-composer-0.260.0/lib/dependabot/composer/update_checker/version_resolver.rb:55:in `latest_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-composer-0.260.0/lib/dependabot/composer/update_checker.rb:37:in `latest_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/update_checkers/base.rb:127:in `preferred_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/update_checkers/base.rb:344:in `preferred_version_resolvable_with_unlock?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/update_checkers/base.rb:335:in `numeric_version_can_update?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/update_checkers/base.rb:278:in `version_can_update?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/dependabot-common-0.260.0/lib/dependabot/update_checkers/base.rb:94:in `can_update?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.3.0/gems/sorbet-runtime-0.5.11422/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from bin/update_script.rb:599:in `block in <main>'
	from bin/update_script.rb:549:in `each'
	from bin/update_script.rb:549:in `<main>'

This was working previously in version 0.242.1 of Dependabot with the token, but after this was updated to 0.244.0 this seemed to stop working successfully.

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

No response

Smallest manifest that reproduces the issue

No response
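
The log in this report addresses the same repository two ways: the `info/refs` request that returned 200 used the URL without `myorgname@`, while the `git clone` that failed used the `composer.json` URL with it. The Ruby sketch below is an added example, not part of the issue or of dependabot-core; it lists composer git repositories whose URL carries userinfo and groups log outcomes by the URL with userinfo stripped. The helper names and the shortened sample inputs are constructed for illustration.

```ruby
require "json"
require "uri"

# Constructed sample: the issue's "repositories" entry plus one non-git entry.
SAMPLE_COMPOSER = <<~JSON
  {"repositories": [
    {"type": "git", "url": "https://myorgname@dev.azure.com/myorgname/mypackage/_git/mypackage"},
    {"type": "composer", "url": "https://repo.packagist.org"}
  ]}
JSON

# Constructed sample: two lines shortened from the issue's error output.
SAMPLE_LOG = <<~LOG
  <-- 200 https://dev.azure.com/myorgname/mypackage/_git/mypackage/info/refs?service=git-upload-pack
  Failed to execute git clone --mirror -- 'https://myorgname@dev.azure.com/myorgname/mypackage/_git/mypackage'
LOG

# Separate the userinfo part of a URL from the rest (hypothetical helper).
def split_userinfo(url)
  uri = URI.parse(url)
  user, password = uri.userinfo.to_s.split(":", 2)
  bare = url.sub(%r{\A([a-z][a-z0-9+.-]*://)[^/@]*@}i, '\1')
  { bare: bare, host: uri.host, user: user, secret_in_url: !password.nil? }
end

# composer.json "git" repositories whose URL carries userinfo.
def git_repos_with_userinfo(composer_json)
  repos = JSON.parse(composer_json).fetch("repositories", [])
  repos = repos.values if repos.is_a?(Hash) # composer also allows an object here
  repos.select { |r| r.is_a?(Hash) && r["type"] == "git" }
       .map { |r| split_userinfo(r["url"]) }
       .select { |r| r[:user] }
end

# Group 2xx responses and git clone failures by repo URL, noting the URL spelling used.
def outcomes_by_repo(log)
  result = Hash.new { |h, k| h[k] = { ok: [], failed: [] } }
  log.each_line do |line|
    url = line[%r{https://[^\s'"]+}]
    next unless url
    status = :ok if line.match?(/<-- 2\d\d /)
    status = :failed if line.include?("Failed to execute git clone")
    next unless status
    info = split_userinfo(url)
    repo = info[:bare].sub(%r{/info/refs\?.*\z}, "").chomp("/")
    result[repo][status] << (info[:user] ? :with_userinfo : :without_userinfo)
  end
  result
end
```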