You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Due to our company's GitHub setup, to make GitHub actions like checkout work, a bearer token must be created for the session; otherwise, submodules can't be cloned.
This starts in GitHub Actions, where the repo (including two private submodules) is cloned successfully using the bearer token.
Actions then spin off Fastlane, which executes the build phase. The first part of the build attempts to resolve and download several Swift packages, most of them public. However, we have a private Swift package that includes a private submodule.
This is where things fall apart, and Submodule3 (see diagram below) can't be cloned.
The reason is that the bearer token isn't presented for Submodule3.
I noticed in the previous checkout Action, the following commands are run to allow cloning Submodule1 and Submodule2:
where *** is the bearer token. I think I need to repeat these in Fastlane for Submodule3, though I'm unsure how to approach it. The problem is that I can't think of a way to "break into" the package resolution for Package2 after it's retrieved but BEFORE it tries to clone the submodule.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Due to our company's GitHub setup, to make GitHub actions like
checkout
work, a bearer token must be created for the session; otherwise, submodules can't be cloned.This starts in GitHub Actions, where the repo (including two private submodules) is cloned successfully using the bearer token.
Actions then spin off Fastlane, which executes the build phase. The first part of the build attempts to resolve and download several Swift packages, most of them public. However, we have a private Swift package that includes a private submodule.
This is where things fall apart, and Submodule3 (see diagram below) can't be cloned.
The reason is that the bearer token isn't presented for Submodule3.
I noticed in the previous checkout Action, the following commands are run to allow cloning Submodule1 and Submodule2:
where *** is the bearer token. I think I need to repeat these in Fastlane for Submodule3, though I'm unsure how to approach it. The problem is that I can't think of a way to "break into" the package resolution for Package2 after it's retrieved but BEFORE it tries to clone the submodule.
Any thoughts would be appreciated.
Beta Was this translation helpful? Give feedback.
All reactions