#Module can't be used with HTTPS auth (on Windows) because dependency module has SSH URL

Am I forced to have the dependency module installed and authenticated via HTTPS, or is there something else I can do to let my Windows colleagues use my module?

@opal geode IIRC as long as the Windows users have git and ssh installed and configured, they should be able to pull the private ssh module. cc @ionic ember

what's the error you're currently seeing?

Hi,
We only support UNIX sockets atm. OpenSSH on Windows relies on named pipes, which we haven't ported yet. It's been on the todo for a while and we were mostly looking for user-driven use-cases

Creatign an issue:

oh! you're correct. Thx for reminding me about it 🙏

Here's the issue: https://github.com/dagger/dagger/issues/10934

Yes, thank you. I was aware of the lack of SSH support for Windows. To me the issue here is more that you can only influence the auth method of the first module in the dependency graph (the module you're directly calling). But if the module depends on another and that one does not happen to use the auth method you want, you're out of luck.

oooh, just saw the title, that's a good one

Is the dependency public or private and requires SSH auth ? Why not making the whole graph https in your use-case ?

But this raises a good point, to which I have no easy solution atm. Could you please make an issue out of that ?

My first intuition is:

1. this happens mostly with private modules being dependencies
2. if it breaks with a public dependency, on windows, using the ssh formatted ref, then it's definitely a bug
3. There's no easy solution ... ? 🤔

well.. it's pretty much by design. Doesn't the same thing happen with git submodules? If you have different submodules that have different protocols, the git command will attempt to use the corresponding auth method for each

in a private organization where you control how to authenticate against the different private modules, there should be some sort of pattern on which auth method to use

Basically, we like SSH in the majority of cases so that's how we made our modules. Now to support the couple of cases where HTTPS is required, I would have to break all the eatablished SSH use-cases. Granted, right now my reason for this is basically just Windows, so SSH support there would solve it. But there may be other reasons for people to prefer HTTPS over SSH.

There certainly can be a dictated auth method, not sure about "should" though. The way I see it, HTTPS and SSH are both secure protocols (mostly what I care about from org perspective) and each have their pros and cons that may inform an user's preference. I wouldn't want to limit people like that if it's not necessary.

Yeah this is true, and a good point. Git however does provide you with ways to work around it (at the very least I can think of using insteadOf in your config to replace URLs). With Dagger modules, I have no way to influence that (that I know of)

yeah true, having said that, I recall we have some logic for insteadOf in our git logic here: https://github.com/dagger/dagger/blob/997d9f7def31513953476de13b165f362d6a40dc/engine/session/git/git.go?plain=1#L162.

Not entirely sure if that's also used for module dep resolution. Would have to check that. Do you know @ionic ember ?

yeah.. this currently doesn't work for installing module dependencies. Having said that, we do support it to pull private Go packages so we should find a way to also enable that for module deps 🙏

@opal geode would you like to create an issue?

Sure, I'll have a look on Monday 👍