Added support to install gems from private repositories. (#20)

* setting git config to install private gems

Signed-off-by: nikhil2611 <ngupta@progress.com>

* updated with github config in sbom.yml also

Signed-off-by: nikhil2611 <ngupta@progress.com>

* updated the var name

Signed-off-by: nikhil2611 <ngupta@progress.com>

* Security: Replace git config with bundler config for gem credentials

Signed-off-by: nikhil2611 <ngupta@progress.com>

* testing with feature branch

Signed-off-by: nikhil2611 <ngupta@progress.com>

* reverted back to main

Signed-off-by: nikhil2611 <ngupta@progress.com>

* added the condition for PRIVATE_ACCESS_KITCHEN_CHEF_ENTERPRISE

Signed-off-by: nikhil2611 <ngupta@progress.com>

* making logs better

Signed-off-by: nikhil2611 <ngupta@progress.com>

* updating to feature branch to test the changes

Signed-off-by: nikhil2611 <ngupta@progress.com>

* revert back to main

Signed-off-by: nikhil2611 <ngupta@progress.com>

---------

Signed-off-by: nikhil2611 <ngupta@progress.com>

Author: nikhil2611

.github/workflows/ci-main-pull-request.yml

@@ -983,6 +983,17 @@ jobs:
         uses: ruby/setup-ruby@v1
         with:
           ruby-version: '3.4'
+          bundler-cache: false
+
+      - name: Configure Bundler for private Ruby gems
+        if: ${{ inputs.language == 'ruby' && inputs.build-profile == 'cli' }}
+        run: |
+          if [ -z "${{ secrets.PRIVATE_ACCESS_KITCHEN_CHEF_ENTERPRISE }}" ]; then
+            echo "Skipping: PRIVATE_ACCESS_KITCHEN_CHEF_ENTERPRISE secret not configured or not in scope"
+            exit 0
+          fi
+          bundle config set --local github.com "x-access-token:${{ secrets.PRIVATE_ACCESS_KITCHEN_CHEF_ENTERPRISE }}"
+
       - name: 'Ruby build'
         if: ${{ inputs.language == 'ruby' && inputs.build-profile == 'cli' }}
         continue-on-error: true

.github/workflows/sbom.yml

@@ -241,6 +241,15 @@ jobs:
           bundler-cache: false
           working-directory: ${{ inputs.ruby-app-directory != '' && inputs.ruby-app-directory || '.' }}
 
+      - name: Configure Bundler for private Ruby gems
+        if: ${{ inputs.run-bundle-install == true && inputs.language == 'ruby' }}
+        run: |
+          if [ -z "${{ secrets.PRIVATE_ACCESS_KITCHEN_CHEF_ENTERPRISE }}" ]; then
+            echo "Skipping: PRIVATE_ACCESS_KITCHEN_CHEF_ENTERPRISE secret not configured or not in scope"
+            exit 0
+          fi
+          bundle config set --local github.com "x-access-token:${{ secrets.PRIVATE_ACCESS_KITCHEN_CHEF_ENTERPRISE }}"
+
       - name: Set up Erlang/OTP and rebar3
         if: inputs.language == 'erlang'
         uses: erlef/setup-beam@v1