* Build Docker args for credential sharing. * Forwards SSH agent into the container. * Note: ~/.gitconfig is copied (not mounted) after container creation so gh can modify it. * Uses agent forwarding only (no ~/.ssh mount) to avoid passphrase/permission issues.
()
| 159 | * Uses agent forwarding only (no ~/.ssh mount) to avoid passphrase/permission issues. |
| 160 | */ |
| 161 | function buildCredentialArgs(): string[] { |
| 162 | const args: string[] = []; |
| 163 | |
| 164 | // SSH agent forwarding (no ~/.ssh mount - causes passphrase/permission issues) |
| 165 | const sshForwarding = resolveSshAgentForwarding("/ssh-agent"); |
| 166 | if (sshForwarding) { |
| 167 | args.push("-v", `${sshForwarding.hostSocketPath}:${sshForwarding.targetSocketPath}:ro`); |
| 168 | args.push("-e", `SSH_AUTH_SOCK=${sshForwarding.targetSocketPath}`); |
| 169 | } |
| 170 | |
| 171 | // GitHub CLI auth via token |
| 172 | const ghToken = resolveGhToken(); |
| 173 | if (ghToken) { |
| 174 | args.push("-e", `GH_TOKEN=${ghToken}`); |
| 175 | } |
| 176 | |
| 177 | return args; |
| 178 | } |
| 179 | |
| 180 | /** |
| 181 | * Run docker run with streaming output (for image pull progress). |
no test coverage detected