From 78786ef4b110c878450f93a4095a125317adfebd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Viktor=20Sz=C3=A9pe?= <viktor@szepe.net>
Date: Thu, 25 Jan 2024 12:50:30 +0000
Subject: [PATCH] Add require lock file input parameter

---
 README.md               | 1 +
 action.yml              | 8 +++++++-
 bin/composer_install.sh | 5 +++++
 3 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 61f3a26..7c207e8 100644
--- a/README.md
+++ b/README.md
@@ -175,6 +175,7 @@ even more specific, you can specify a suffix to be added to the cache key via th
 :warning: Note: specifying a `custom-cache-key` will take precedence over the `custom-cache-suffix`.
 
 ### Fork and private repositories
+
 Sometimes it's needed to use the `repositories` key in your `composer.json` to pull in forks, PRs with patches or private repositories. In this case, your GitHub Action may start failing with a `Could not authenticate against github.com` error message. To solve this, you need to add a GitHub Personal Access token, and this bit to your Action configuration:
 ```yaml
 env:
diff --git a/action.yml b/action.yml
index 553b979..d77cf62 100644
--- a/action.yml
+++ b/action.yml
@@ -34,6 +34,11 @@ inputs:
     description: >-
       A custom suffix to add to the auto-generated cache key.
     required: false
+  require-lock-file:
+    description: >-
+      Require lock file for install command.
+    required: false
+    default: "false"
 
 runs:
   using: "composite"
@@ -91,4 +96,5 @@ runs:
           "${{ inputs.working-directory }}" \
           "${{ steps.php.outputs.path }}" \
           "${{ steps.composer.outputs.composer_command }}" \
-          "${{ steps.composer.outputs.lock }}"
+          "${{ steps.composer.outputs.lock }}" \
+          "${{ inputs.require-lock-file }}"
diff --git a/bin/composer_install.sh b/bin/composer_install.sh
index 191b706..117fd9c 100755
--- a/bin/composer_install.sh
+++ b/bin/composer_install.sh
@@ -6,6 +6,7 @@ working_directory="${3}"
 php_path="${4:-$(which php)}"
 composer_path="${5:-$(which composer)}"
 composer_lock="${6}"
+require_lock_file="${7}"
 
 composer_command="update"
 composer_options=("--no-interaction" "--no-progress" "--ansi")
@@ -18,6 +19,10 @@ esac
 
 # If there is no composer.lock file, then use the `update` command.
 if [ -z "${composer_lock}" ]; then
+    if [ "${dependency_versions}" == locked ] && [ "${require_lock_file}" == true ]; then
+        echo "::error title=Composer Lock File Not Found::Unable to find 'composer.lock'"
+        exit 1
+    fi
     composer_command="update"
 fi