这是indexloc提供的服务,不要输入任何密码
Skip to content

fix(docker): add git url override support for github ssh-urls #7357

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

fix(docker): add git url override support for github ssh-urls #7357

wants to merge 3 commits into from
+3 −0

Conversation

@eriweb
Copy link

@eriweb eriweb commented Oct 28, 2025

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Description

The Docker image provides support to override GitHub HTTPS URLs to use a PAT / token authentication to download private repositories. There is however no support to do the same with SSH URLs.
This PR changes that by rewriting SSH URLs to HTTPS.

Fixes # (issue)
bridgecrewio/checkov-action#178

New/Edited policies (Delete if not relevant)

Description

Include a description of what makes it a violation and any relevant external links.

Fix

How does someone fix the issue in code and/or in runtime?

Checklist:

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my feature, policy, or fix is effective and works
  • New and existing tests pass locally with my changes

@maxamel
Copy link
Contributor

maxamel commented Nov 4, 2025

Hi @eriweb , what is the consequence of re-writing ssh urls to https security-wise ?

@eriweb
Copy link
Author

eriweb commented Nov 11, 2025

@maxamel Sorry for the late reply, the notification got lost.

I'm not entirely sure what kind of consequences there would be. Both protocols are encrypted and should be safe to use. I do however see that there might be unintended errors because the behavior might be unexpected. Would introducing a more specific environment variable be better? Something like GITHUB_OVERRIDE_SSH_URL or similar

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@eriweb @maxamel