From 8b4f9d17a7b77bc34eb11f17e5874dc228a6c412 Mon Sep 17 00:00:00 2001
From: DaveOps <david.kiss@oxid-esales.com>
Date: Fri, 20 Feb 2026 14:12:00 +0100
Subject: [PATCH 1/3] OXDEV-9764 Add git basic auth

---
 .../workflows/universal_workflow_light.yaml   | 31 +++++++++++++++++--
 prepare_shop/action.yaml                      | 26 ++++++++++++++++
 2 files changed, 55 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/universal_workflow_light.yaml b/.github/workflows/universal_workflow_light.yaml
index d2a6e0b4..860ef186 100644
--- a/.github/workflows/universal_workflow_light.yaml
+++ b/.github/workflows/universal_workflow_light.yaml
@@ -66,6 +66,15 @@ on:
       SLACK_WEBHOOK_URL:
         required: false
         # description: Webhook for posting to SLACK
+      EXTERNAL_GIT_HOST:
+        required: false
+        # description: external git host
+      EXTERNAL_GIT_USERNAME:
+        required: false
+        # description: external git username
+      EXTERNAL_GIT_PASSWORD:
+        required: false
+        # description: external git password
 
 jobs:
   init:
@@ -299,7 +308,7 @@ jobs:
 
       - name: 'Prepare Shop'
         id: prepare_shop
-        uses: 'OXID-eSales/github-actions/prepare_shop@v5'
+        uses: 'OXID-eSales/github-actions/prepare_shop@v0'
         with:
           container_name: ${{ steps.iltp.outputs.install_container_name }}
           container_options: ${{ steps.iltp.outputs.install_container_options }}
@@ -313,6 +322,9 @@ jobs:
           git_ref: ${{ steps.iltp.outputs.install_git_ref }}
           compilation_url: ${{ steps.iltp.outputs.install_composer_root_url }}
           github_ref_name: ${{ github.ref_name }}
+          external_git_host: ${{ secrets.EXTERNAL_GIT_HOST }}
+          external_git_username: ${{ secrets.EXTERNAL_GIT_USERNAME }}
+          external_git_password: ${{ secrets.EXTERNAL_GIT_PASSWORD }}
           php: ${{ matrix.php }}
           mysql: ${{ matrix.mysql }}
           custom_ini_error_reporting: ${{ steps.iltp.outputs.install_custom_ini_error_reporting }}
@@ -827,12 +839,20 @@ jobs:
         # Only run this if there is no transformation and composer_early is set to 'false'
         if: ${{ steps.rt.outputs.runscript_composer_transform == '' && steps.rt.outputs.runscript_composer_early == 'false' }}
         run: |
-          # run composer
+          # set oauth
           ${{ inputs.debug }}
           docker compose exec -T \
             ${{ steps.rt.outputs.runscript_container_options }} \
             ${{ steps.rt.outputs.runscript_container_name }} \
             composer config -g github-oauth.github.com "${{ secrets.enterprise_github_token || github.token }}"
+          # set http-basic
+          if [ -n "${{ secrets.EXTERNAL_GIT_HOST }}" ]; then
+            docker compose exec -T \
+              ${{ steps.rt.outputs.runscript_container_options }} \
+              ${{ steps.rt.outputs.runscript_container_name }} \
+              composer config -g http-basic.${{ secrets.EXTERNAL_GIT_HOST }} "${{ secrets.EXTERNAL_GIT_USERNAME }}" "${{ secrets.EXTERNAL_GIT_PASSWORD }}"
+          fi
+          #run composer
           docker compose exec -T \
             ${{ steps.rt.outputs.runscript_container_options }} \
             ${{ steps.rt.outputs.runscript_container_name }} \
@@ -1032,6 +1052,13 @@ jobs:
             ${{ steps.rt.outputs.runslim_container_options }} \
             ${{ steps.rt.outputs.runslim_container_name }} \
             composer config -g github-oauth.github.com "${{ secrets.enterprise_github_token || github.token }}"
+          # set http-basic
+          if [ -n "${{ secrets.EXTERNAL_GIT_HOST }}" ]; then
+            docker compose exec -T \
+              ${{ steps.rt.outputs.runslim_container_options }} \
+              ${{ steps.rt.outputs.runslim_container_name }} \
+              composer config -g http-basic.${{ secrets.EXTERNAL_GIT_HOST }} "${{ secrets.EXTERNAL_GIT_USERNAME }}" "${{ secrets.EXTERNAL_GIT_PASSWORD }}"
+          fi
           docker compose exec -T \
             ${{ steps.rt.outputs.runslim_container_options }} \
             ${{ steps.rt.outputs.runslim_container_name }} \
diff --git a/prepare_shop/action.yaml b/prepare_shop/action.yaml
index 364dd1e3..65ca1fda 100644
--- a/prepare_shop/action.yaml
+++ b/prepare_shop/action.yaml
@@ -78,6 +78,21 @@ inputs:
     required: false
     description: 'Current branch (github.ref_name) for modifying composer.json'
     default: ''
+  external_git_host:
+    type: string
+    required: false
+    description: 'Full hostname of external private git server (e.g. git.company.com) for HTTP basic authentication'
+    default: ''
+  external_git_username:
+    type: string
+    required: false
+    description: 'external_git_username for 3rd party git login'
+    default: ''
+  external_git_password:
+    type: string
+    required: false
+    description: 'external_git_password for 3rd party git login'
+    default: ''
   php:
     type: string
     required: false
@@ -315,6 +330,17 @@ runs:
           ${{ inputs.container_name}} \
           composer config -g github-oauth.github.com "${{ inputs.enterprise_github_token }}"
 
+    - name: Configure external git repository
+      if: ${{ inputs.external_git_host != '' }}
+      shell: bash
+      run: |
+        # prepare_shop: Configure external git repository
+        ${{ inputs.debug }}
+        docker compose ${{ inputs.container_method }} -T \
+          ${{ inputs.container_options }} \
+          ${{ inputs.container_name}} \
+          composer config -g http-basic.${{ inputs.external_git_host }} "${{ inputs.external_git_username }}" "${{ inputs.external_git_password }}"
+
     - name: 'Set Composer version'
       if: ${{ inputs.composer_version != '' }}
       shell: bash

From 1ba387ba426ea7b9018608502a20d598218a48ba Mon Sep 17 00:00:00 2001
From: DaveOps <david.kiss@oxid-esales.com>
Date: Fri, 20 Feb 2026 15:39:05 +0100
Subject: [PATCH 2/3] OXDEV-9764 Add documentation

---
 docs/actions/prepare_shop.md               | 13 +++++++++++++
 docs/workflows/universal_workflow_light.md | 15 ++++++++++-----
 2 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/docs/actions/prepare_shop.md b/docs/actions/prepare_shop.md
index 60ad6c10..e32c6d27 100644
--- a/docs/actions/prepare_shop.md
+++ b/docs/actions/prepare_shop.md
@@ -111,6 +111,19 @@ Populate with \${{ secrets.DOCKER_HUB_USER }}, GitHub will hide its content.
 Needed for docker login.
 Populate with \${{ secrets.DOCKER_HUB_TOKEN }}, GitHub will hide its content.
 
+**external_git_host:** *not required*, *default:* `''`  
+Hostname of an external private git server requiring HTTP basic authentication (e.g. `git.company.com`).
+When set, configures composer with the provided credentials for this host before running `composer update`.
+Populate with \${{ secrets.EXTERNAL_GIT_HOST }}, GitHub will hide its content.
+
+**external_git_username:** *not required*, *default:* `''`  
+Username for HTTP basic authentication on the external git host.
+Populate with \${{ secrets.EXTERNAL_GIT_USERNAME }}, GitHub will hide its content.
+
+**external_git_password:** *not required*, *default:* `''`  
+Password or token for HTTP basic authentication on the external git host.
+Populate with \${{ secrets.EXTERNAL_GIT_PASSWORD }}, GitHub will hide its content.
+
 **copy_script_targets:** *not required*, *default:* 'tests/scripts'  
 Copy the test scripts to these target folders.
 
diff --git a/docs/workflows/universal_workflow_light.md b/docs/workflows/universal_workflow_light.md
index 73cffd3f..b05036f1 100644
--- a/docs/workflows/universal_workflow_light.md
+++ b/docs/workflows/universal_workflow_light.md
@@ -35,9 +35,6 @@ debugging scripts can be run locally.
 This allows for dynamic passing of YAML code containing variables. The provided multiline string
 will be stored in {plan_folder}/_custom.yaml and can be used in the testplan argument as ~/_custom.yaml.
 
-**use_scheduled_slack_channel:** *not required*, *default:* true  
-If this is set to true and the secret SLACK_SCHEDULED_WEBHOOK_URL is provided, the Slack notification is sent to the channel specified by SLACK_SCHEDULED_WEBHOOK_URL instead of the channel specified by SLACK_WEBHOOK_URL.
-
 ## Secrets
 
 **DOCKER_HUB_USER:**  
@@ -64,5 +61,13 @@ Token to submit sonarcloud reports to their website
 **SLACK_WEBHOOK_URL:**  
 URL for the Slack API to send reports to.
 
-**SLACK_WEBHOOK_URL:**  
-URL for the Slack API to send reports to if the input use_scheduled_slack_channel is set to true.
+**EXTERNAL_GIT_HOST:**
+Hostname of an external private git server requiring HTTP basic authentication. When set, composer is
+configured with the provided credentials for this host during shop installation and before each composer
+run in the `runscript` and `runslim` jobs (credentials are re-applied as containers start fresh from cache).
+
+**EXTERNAL_GIT_USERNAME:**
+Username for HTTP basic authentication on the external git host.
+
+**EXTERNAL_GIT_PASSWORD:**
+Password or token for HTTP basic authentication on the external git host.

From 7269f058220e4b1b9cca73eb18d39a136804c7ba Mon Sep 17 00:00:00 2001
From: kenariosz <no-reply@oxid-esales.com>
Date: Tue, 24 Feb 2026 14:10:54 +0000
Subject: [PATCH 3/3] Update versions

---
 .github/workflows/universal_workflow_light.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/universal_workflow_light.yaml b/.github/workflows/universal_workflow_light.yaml
index 860ef186..e75afd86 100644
--- a/.github/workflows/universal_workflow_light.yaml
+++ b/.github/workflows/universal_workflow_light.yaml
@@ -308,7 +308,7 @@ jobs:
 
       - name: 'Prepare Shop'
         id: prepare_shop
-        uses: 'OXID-eSales/github-actions/prepare_shop@v0'
+        uses: 'OXID-eSales/github-actions/prepare_shop@v5'
         with:
           container_name: ${{ steps.iltp.outputs.install_container_name }}
           container_options: ${{ steps.iltp.outputs.install_container_options }}