search

microsoft / azure-pipelines-agent

Azure Pipelines Agent 🚀
MIT License
1.7k stars 856 forks source link

Checkout task with persistCredentials doesn't set credentials for submodule repo(s) when needed #4114

Open sphanley opened 1 year ago

sphanley commented 1 year ago

Agent Version and Platform

2.213.2 on MacOS

Azure DevOps Type and Version

dev.azure.com, organization name can be provided if needed.

What's not working?

I'm using the Azure Pipelines checkout task with submodules: true and fetchDepth: 1. Later in my pipeline, in some cases I need to fetch additional depth, so I've set persistCredentials: true. This causes the following line to be added to the end of my checkout (I've obscured organizational info using curly-brackets):

git config http.https://{organization}@dev.azure.com/{organization}/{project}/\_git/{repo}.extraheader "AUTHORIZATION: placeholder_{...}"

However, since this persisted credential is only set for the main repo, and not my submodule repo, I'm getting the following error later when I try to fetch additional depth, with submodules recursed:

Fetching submodule {submodule repository name} fatal: could not read Password for 'https://{organization}@dev.azure.com': terminal prompts disabled

The desired behavior for this use case would be that if persistCredentials is set to true on a checkout where submodules is also true, the credentials would be persisted for both the top-level repo and also any submodule repositories.

Roman-Shchukin commented 1 year ago

Hi @sphanley thanks for reporting! We are working on more prioritized issues at the moment, but will get back to this one soon.

bassamhbj commented 1 year ago

Hello, is there any update on this issue? I am facing the same issue and I not able to checkout further modules

mccolljr commented 11 months ago

I believe I am also experiencing this issue... will this be resolved?

frankhaugen commented 8 months ago

Any progress? Is there a simple workaround since this isn't a priority?

initjsk commented 6 months ago

Also experiencing this issue. We are referencing multiple repositories as submodules from one project to another. Something as simple as checking out a repository with submodules should be possible, yes?

@Roman-Shchukin - How is this basic feature not a priority? Do you have a workaround for this?

praneeth-katta commented 3 months ago

Is there a solution or work around for this? this is important to update the main module with the commits of submodule

frankhaugen commented 3 months ago

Who prioritize these issues, and how can I get in touch with them to argue about priorities?

praneeth-katta commented 3 months ago

Only workaround is to clone separately instead of using submodule=true. Even though, this can be easy and dirty solution but can be implemented only if there are one or two submodules. If there are more submodules, it becomes messier

Other option is to use the PAT which can be retrieved from secure files.

tparikkaatmilliman commented 4 days ago

Has anyone at Microsoft looked at this issue to triage it yet?

frankhaugen commented 2 days ago

Has anyone at Microsoft looked at this issue to triage it yet?

It has been triaged and accepted as a bug, but apparently, it's not important enough

Very frustrating that this has been taking ages, so I'll do a faux pas:

Hey @geekzter you are listed as product manager for Azure Pipelines, (so in desperation I'm tagging you, I know that's not a "nice" thing to do), could we get some eyes on this issue? My employer really needs this feature to work, and judging by the other comments here, this is a huge annoyance for them as well, and it's been some time