How are environment variables exposed?

[amustill]

Hi,

I'm attempting to use this action along with the ffraenz/private-composer-installer package where a key is required to obtain another package. This key is passed as an environment variable and works both locally and in another CI environments.

However, when using this action I'm getting errors where the environment variables are not being set.

Just for clarification, how are environment variables exposed?

- name: Install dependencies
  uses: php-actions/composer@v5
  with:
    php_version: '7.4'
  env:
    SECRET_KEY: ${{ secrets.SECRET_KEY }}

The log shows the environment variable being passed.

Run php-actions/composer@v5
  with:
    php_version: 7.4
    version: latest
    command: install
    interaction: no
    dev: yes
    progress: no
    quiet: no
  env:
    SECRET_KEY: ***

I must admit, this is my first time using GitHub Actions (I usually use GitLab CI) so perhaps I'm missing something.

Many thanks.

[g105b]

Using the env section of the config yaml is expected - passing a key and value in there like you are doing seems fine to me.

Is your private repo on Github? If so, you should be able to install it without the need for other actions. See the readme for an example.

Let me know if this works for you or if you have any follow up questions.

[g105b]

Hi @amustill ,

Did you succeed with using your private repository? I'm just checking to see if there's anything you're still struggling with. If not, I'll close the issue.

Cheers,
Greg.

[amustill]

Hi Greg,

Sorry, I haven't had the time to look at the issue further. The repo isn't private, it's a package installed from a remote zip file using ffraenz/private-composer-installer.

I will make some time in the coming days to investigate a little further.

Thanks.

[amustill]

I took this issue over to the ffraenz/private-composer-installer package and as per the discussion it has been suggested that the environment variables passed to this action are not passed on to the Docker container.

Is this a plausible explanation @g105b? Unfortunately I have not currently got the time to debug it.

As detailed in that thread, I have since found a solution by using a step to create a .env before running Composer. It's not ideal, but works.

[g105b]

That makes perfect sense actually. The action has been changed in v5 to run the task within a separate container, which won't currently have these variables exposed to it.

I'll update this functionality as a bug fix as part of v5 because this should be the expected behaviour.

Thanks for helping diagnose the issue.

[amustill]

Ah, perfect!

Thanks, Greg, and apologies for being slow to follow up.

[g105b]

I've just patched the v5 release with a solution that exposes all env variables from the host action runner to the subcontainer.

Have fun!

[pbek]

I've just patched the v5 release with a solution that exposes all env variables from the host action runner to the subcontainer.

@g105b, is this still in place?

I was trying to inject a SYMFONY_DEPRECATIONS_HELPER=weak with:

    - name: Run tests
      uses: php-actions/composer@v5
      with:
        command: run test
        php_version: 7.4
        version: 2
      env:
        # because of: 1x: Class "ApiPlatform\Core\Bridge\Symfony\Bundle\Test\Client" should implement method "Symfony\Contracts\HttpClient\HttpClientInterface::withOptions(array $options)": Returns a new instance of the client with new default options.
        SYMFONY_DEPRECATIONS_HELPER: weak

...but I still get the deprecation error message in https://github.com/qownnotes/api/runs/2481475259?check_suite_focus=true#step:4:125.

Running SYMFONY_DEPRECATIONS_HELPER=weak composer run test with composer 2.0.8 locally works.

Thanks again for this great GitHub Action! 👍🏻 😁

[g105b]

Hi @pbek ,

I'll take a look at this later this morning.

I would like to document the exposure of environment variables over at https://GitHub.com/php-actions/example-composer for you and anyone else who might have this question, and as working proof of the functionally.

I'll catch up later when I've had chance to put it together.

Greg.

[pbek]

Awesome, thank you very much! 👏🏻

[g105b]

Hi @pbek,

You were absolutely right. This functionality has regressed, and I've isolated it back to when I rolled back the version of php-build we use for this repo.

A fix is easy, but I want to ensure it doesn't regress any other functionality, so I'm going to spend a little bit of time tidying up the example-composer repository as a test bed for this.

I would like to make a patch tag to v5, but to help people depend on specific builds I'm also going to introduce a better tagging system that introduces semantic build numbers.

I'll hopefully get this wrapped up later today, but I'll keep you informed here.

Thanks for reporting this!

Greg.

[g105b]

Isolated the issue here: https://github.com/php-actions/example-composer/runs/2485950137?check_suite_focus=true

The environment variable is set here to test, and it's not showing: https://github.com/php-actions/example-composer/blob/master/.github/workflows/ci-env.yaml#L28

[pbek]

Thank you very much for looking into it!

[g105b]

Hey @pbek ,

Sorry it's taken me so long to get around to, but work projects exploded over the last couple of weeks.

Anyway, I've made changes to the branch 40-env that checks the Github host environment against the Docker runner, as to not set any important environments within the docker runner.

Please can you test that this fixes the issue for you?

    steps:
      - uses: actions/checkout@v2

      - name: Install dependencies
        uses: php-actions/composer@40-env

You can see my example repository using it here: https://github.com/php-actions/example-composer/runs/2640829589?check_suite_focus=true

[pbek]

@g105b, it seems to build quite nicely. Thank you very much!
https://github.com/qownnotes/api/runs/2642432649?check_suite_focus=true

[g105b]

@pbek great to hear! I'm going to make a V6 release this weekend as a few changes have been made, I don't want to back port it into v5.

[pbek]

Great, thank you! 🥳