Btw, just to say, I'm also open to alternative solutions here. Not hell-bend on the protocol flag. Just looking for a clean and seamless way to create a repo for the user and push the main branch onto the repo.

@driesvints I think I would rather see this an an environment variable that all git invocations respect than a command flag since that would entail editing all existing commands that have git functionality to use this new flag.

As a temporary solution thought, since this is an automated script, could you not retrieve the current users git_protocol preference with gh config get git_protocol and if it is https then set it to ssh and when the pushing finishes reset the git_protocol back?

As a temporary solution thought, since this is an automated script, could you not retrieve the current users git_protocol preference with gh config get git_protocol and if it is https then set it to ssh and when the pushing finishes reset the git_protocol back?

Thanks for thinking on this! I'm not sure if that's the right solution. If any of the commands fail between the calls, it could leave the user's preference in an unwanted state.

like @samcoe , I would also rather see this feature begin its life as an environment variable since that is consistent with the way we override other configurable things. does that work for you, @driesvints ?

Something like this?

GH_PROTOCOL=ssh gh repo create

@driesvints yep

Sounds perfect to me 👍

@driesvints Keep in mind that once #2944 gets solved, gh repo create and similar gh commands will never cause a git authentication prompt since HTTPS traffic will be guaranteed to be authenticated.

I'm not opposed to something like a --protocol flag or the GH_PROTOCOL environment variable, but in the case of gh repo create, it feels like it solving the wrong problem. If the user has indicated that they prefer https remotes, then your automated script explicitly creating ssh repositories for them goes against their preferences. So I would vote for always respecting the user's preferences, but making sure that their git fetches/pushes are authenticated even if they haven't set up a git credential helper.

Ref. #2189

@mislav I fully agree with you here. The main problem that I'm trying to prevent is users getting prompted for authentication when they're already properly authenticated through the GitHub CLI. So if this can be solved differently and without a flag then that's fine by me 👍

Feel free to close this if you want.

@driesvints Which operations other than gh repo create does your script do that may trigger git network requests? Knowing your script's needs would be helpful to us for ensuring that we can properly authenticate git operations. Thank you!

Only gh repo create from this PR: https://github.com/laravel/installer/pull/185/files#diff-80009ae2f5723cd34d5f864eb4cc5e9a09425ad1ba21dca95f0e32bfb7968e83R268

@driesvints Thank you! It looks like you git push to the created repo right after. I wonder if we could provide some kind of functionality from gh to ensure all your pushes from scripts are authenticated even if the person who is running the script is not set up with git credential caching.

For now, you could do a git push like this:

GIT_TERMINAL_PROMPT=0 git -c credential.helper= -c credential.helper='!gh auth git-credential' push

Yes, it's verbose, but it's relatively safe to do and will ensure that as long as gh is authenticated (either via ~/.config/gh/hosts.yml or GITHUB_TOKEN), git pushes will work as well. No need to switch to ssh remotes just to avoid authentication prompts. The addition of GIT_TERMINAL_PROMPT=0 ensures that when gh is not authenticated, the git command will error out instead of prompt for credentials. This makes it suitable for scripts.

@mislav thanks a lot for that. I've sent in a PR to do just that: laravel/installer#191

I think related to this entire thread is that it would be cool if gh repo create could also push the HEAD branch that was active at the time of the repo create. That would also solve a lot for us.

Something like gh repo create --with-head, gh repo create --with-branch or gh repo create -b?

@driesvints I do like the create-and-push idea! You are welcome to submit that as a separate feature request.

BTW we can still consider the per-invocation --protocol flag or environment variable, but I just didn't think it was a good fit for this exact use case. We do want to improve how we handle git authentication and have flexible functionality to meet our users' needs, so all this feedback and extra perspective that you're providing is is great. Thank you! ✨

@mislav done: #3209

You're welcome :)

@mislav we unfortunately had to revert your suggestion for the installer because it would only work on WSL for Windows. Our installer is intended to work for Windows in general. So we're back at square one I'm afraid.

@driesvints Thanks for letting me know. I don't see why that approach wouldn't work outside of WSL, but I must admit I haven't tested it on Windows. I will report back with my findings