Skip to content

SEC-1533: Remove ssh key requirement#4

Merged
Alexander-Cairns merged 1 commit intomainfrom
SEC-1533
Feb 9, 2026
Merged

SEC-1533: Remove ssh key requirement#4
Alexander-Cairns merged 1 commit intomainfrom
SEC-1533

Conversation

@Alexander-Cairns
Copy link
Contributor

@Alexander-Cairns Alexander-Cairns commented Dec 3, 2025
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • New Features

    • SSH key input is now optional instead of required.

  • Improvements

    • Composer authentication setup has been reorganized for better clarity.
    • SSH key configuration now runs conditionally—only when an SSH key is provided.

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link

coderabbitai bot commented Dec 3, 2025
edited
Loading

Walkthrough

The action.yml workflow configuration has been refactored to make SSH key setup optional and separate composer credentials initialization into two distinct steps: auth.json setup (unconditional) and SSH configuration (conditional on ssh-key input presence).

Changes

Cohort / File(s) Change Summary
GitHub Actions workflow restructuring
action.yml		 Made ssh-key input optional; split "Setup Composer credentials" into two separate steps: (1) "Setup Composer auth.json" runs unconditionally to create .ddev/homeadditions/.composer/auth.json, (2) "Setup Composer ssh keys" conditionally runs when inputs.ssh-key is provided to configure SSH keys and permissions. Subsequent steps remain unchanged.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

  • Verify conditional logic for SSH key step (if: inputs.ssh-key != '' or similar guard)
  • Confirm auth.json step correctly handles missing or empty composer-auth input
  • Check file path references (.ddev/homeadditions/...) are correct
  • Validate that decoupling the two steps doesn't introduce dependency issues

Poem

🐰 Two steps now dance where one did dwell,
With SSH optional—a flexible spell.
Auth.json first, then keys if they're near,
Conditions control what actions appear! ✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and accurately reflects the main change: making SSH key input optional rather than required, which is the core objective of this pull request.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch SEC-1533

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)
  • JIRA integration encountered authorization issues. Please disconnect and reconnect the integration in the CodeRabbit UI.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@Alexander-Cairns Alexander-Cairns added the minor Added functionality that is backwards compatible. label Dec 3, 2025
coderabbitai[bot]
coderabbitai bot reviewed Dec 3, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

  • Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 7beafec and 70c652f.

📒 Files selected for processing (1)
  • action.yml (2 hunks)
🔇 Additional comments (2)
action.yml (2)

14-14: ✓ SSH key requirement correctly changed to optional.

The change from required: true to required: false aligns with the PR objective to remove the SSH key requirement.

37-41: ✓ Composer auth.json setup step is well-structured.

The new unconditional step correctly creates the directory hierarchy and populates the auth.json file from the required composer-auth input. This ensures composer authentication is always available regardless of SSH key provision.

@Alexander-Cairns Alexander-Cairns merged commit 3d75a77 into main Feb 9, 2026
1 check passed
@Alexander-Cairns Alexander-Cairns deleted the SEC-1533 branch February 9, 2026 13:57
@github-actions
Copy link

github-actions bot commented Feb 9, 2026

Tag generated by PR: v2.1.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@adam-vessey adam-vessey adam-vessey approved these changes

Assignees

No one assigned

Labels

minor Added functionality that is backwards compatible.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Alexander-Cairns @adam-vessey