Builds failing due to unallowed composer plugins

Ditto, I’m getting the same error as well.

same errors here.

Looks like it's new composer requirements, see https://magento.stackexchange.com/questions/352353/why-composer-install-.... Is it as simple as adding composer-patches to the allow-plugins?

{
    "config": {
        "allow-plugins": {
            "cweagans/composer-patches": true
        }
    }
}

I see that the Umami demo build works, but I'm not able to apply patches.
I tried
https://www.drupal.org/project/drupal/issues/3268983 with https://www.drupal.org/files/issues/2022-07-12/core-3268983-43-10.x.patch

and
https://www.drupal.org/project/drupal/issues/2350939 with https://www.drupal.org/files/issues/2022-06-23/2350939-228.patch

and the build ended in an error both times:

In PluginManager.php line 762:
                                                                               
  cweagans/composer-patches contains a Composer plugin which is blocked by yo  
  ur allow-plugins config. You may add it to the list if you consider it safe.                                                                            
  You can run "composer config --no-plugins allow-plugins.cweagans/composer-patches [true|false]" to enable it (true) or disable it explicitly and suppress this exception (false) 
  See https://getcomposer.org/allow-plugins

I didn't notice this existing issue before I created a duplicate #3295760: Builds are failing due to "allowed plugins" and submitted a patch over there.

I started an issue fork to fix the issues. I have one commit that allows the composer-patches related plugins, which fixes the errors described here and in other issues. I think this would fix the majority of users problems.

I think there are other potential problems I'm not able to test so I'm not willing to say this is ready yet:

• On Drupal 8 installs, zaporylie/composer-drupal-optimizations gets installed which may also be a plugin that needs allowed
• All the projects are based on the drupal/recommended-project template, but only versions 9.3.18+ have been updated to allow the core plugins. So if a version less than that is selected the tugboat build will still fail unless we explicitly also tell composer to allow those.

I'm getting the same error when trying to test a contrib module patch

 Package operations: 2 installs, 0 updates, 0 removals
- Downloading cweagans/composer-patches (1.7.2)
- Downloading szeidler/composer-patches-cli (1.0.6)
0/2 [>---------------------------]   0%
1/2 [==============>-------------]  50%
2/2 [============================] 100%
In PluginManager.php line 769:
                                                                               
  cweagans/composer-patches contains a Composer plugin which is blocked by yo  
  ur allow-plugins config. You may add it to the list if you consider it safe  
  .                                                                            
  You can run "composer config --no-plugins allow-plugins.cweagans/composer-p  
  atches [true|false]" to enable it (true) or disable it explicitly and suppr  
  ess this exception (false)                                                   
  See https://getcomposer.org/allow-plugins
require [--dev] [--dry-run] [--prefer-source] [--prefer-dist] [--prefer-install PREFER-INSTALL] [--fixed] [--no-suggest] [--no-progress] [--no-update] [--no-install] [--update-no-dev] [-w|--update-with-dependencies] [-W|--update-with-all-dependencies] [--with-dependencies] [--with-all-dependencies] [--ignore-platform-req IGNORE-PLATFORM-REQ] [--ignore-platform-reqs] [--prefer-stable] [--prefer-lowest] [--sort-packages] [-o|--optimize-autoloader] [-a|--classmap-authoritative] [--apcu-autoloader] [--apcu-autoloader-prefix APCU-AUTOLOADER-PREFIX] [--] [<packages>...]
Command Failed (Tugboat Error 1064): Exit code (1)

I'm getting this error when trying to launch Drupal 9.3.18 with Admin Toolbar module

In PluginManager.php line 769:
                                                                               
  cweagans/composer-patches contains a Composer plugin which is blocked by yo
ur allow-plugins config. You may add it to the list if you consider it safe  
  .                                                                            
  You can run "composer config --no-plugins allow-plugins.cweagans/composer-p  
  atches [true|false]" to enable it (true) or disable it explicitly and suppr
ess this exception (false)                                                   
  See https://getcomposer.org/allow-plugins

Also got this issue just now, trying to make a build with the link_target module, all other options default: core 9.4.4, standard profile, manual installation unchecked, and probably notably: no patches.

Also tried other things, like using slightly older core, trying Umami or minimal, trying manual installation, even trying to apply @rocketeerbkw's patch itself (probably too incorrectly meta, haha ... I suppose it's diffing against something simplytest runs on, not that it's trying to install), but no dice.

The one-click Umami (without link_target) still worked, but then I didn't have the module I was trying to test. (Before simplytest.me, I was originally trying from a throwaway Pantheon instance in SFTP mode, but that was giving me fatal memory size errors when just trying to save a Form Display edit, so don't know if that's related to link_target, or today's Pantheon service degradations, or what; I just know everything's broken today, haha).

Also see this. Basic core 9.4.5 installation. No 3-part modules and other custom settings.

62ed0fbafe6282831398182d# /bin/sh -c ln -snf "${TUGBOAT_ROOT}/stm/web" "${DOCROOT}"
62ed0fbafe6282831398182d# /bin/sh -c echo "SIMPLYEST_STAGE_DOWNLOAD"
SIMPLYEST_STAGE_DOWNLOAD
62ed0fbafe6282831398182d# /bin/sh -c composer global require szeidler/composer-patches-cli:~1.0
Changed current directory to /root/.composer
./composer.json has been created
Running composer update szeidler/composer-patches-cli
Loading composer repositories with package information
Updating dependencies
Lock file operations: 2 installs, 0 updates, 0 removals
  - Locking cweagans/composer-patches (1.7.2)
  - Locking szeidler/composer-patches-cli (1.0.6)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 2 installs, 0 updates, 0 removals
- Downloading cweagans/composer-patches (1.7.2)
- Downloading szeidler/composer-patches-cli (1.0.6)
0/2 [>---------------------------]   0%
2/2 [============================] 100%
In PluginManager.php line 769:
                                                                               
  cweagans/composer-patches contains a Composer plugin which is blocked by yo  
  ur allow-plugins config. You may add it to the list if you consider it safe  
  .                                                                            
  You can run "composer config --no-plugins allow-plugins.cweagans/composer-p  
  atches [true|false]" to enable it (true) or disable it explicitly and suppr  
  ess this exception (false)
See https://getcomposer.org/allow-plugins
require [--dev] [--dry-run] [--prefer-source] [--prefer-dist] [--prefer-install PREFER-INSTALL] [--fixed] [--no-suggest] [--no-progress] [--no-update] [--no-install] [--update-no-dev] [-w|--update-with-dependencies] [-W|--update-with-all-dependencies] [--with-dependencies] [--with-all-dependencies] [--ignore-platform-req IGNORE-PLATFORM-REQ] [--ignore-platform-reqs] [--prefer-stable] [--prefer-lowest] [--sort-packages] [-o|--optimize-autoloader] [-a|--classmap-authoritative] [--apcu-autoloader] [--apcu-autoloader-prefix APCU-AUTOLOADER-PREFIX] [--] [<packages>...]
Command Failed (Tugboat Error 1064): Exit code (1)

The same is happening with Drupal Commerce.

This may be the error:

In PluginManager.php line 769:
                                                                               
  cweagans/composer-patches contains a Composer plugin which is blocked by yo  
  ur allow-plugins config. You may add it to the list if you consider it safe  
  .                                                                            
  You can run "composer config --no-plugins allow-plugins.cweagans/composer-p  
  atches [true|false]" to enable it (true) or disable it explicitly and suppr  
  ess this exception (false)                                                   
  See https://getcomposer.org/allow-plugins                                    
                                                                               

create-project [-s|--stability STABILITY] [--prefer-source] [--prefer-dist] [--prefer-install PREFER-INSTALL] [--repository REPOSITORY] [--repository-url REPOSITORY-URL] [--add-repository] [--dev] [--no-dev] [--no-custom-installers] [--no-scripts] [--no-progress] [--no-secure-http] [--keep-vcs] [--remove-vcs] [--no-install] [--ignore-platform-req IGNORE-PLATFORM-REQ] [--ignore-platform-reqs] [--ask] [--] [<package> [<directory> [<version>]]]

Bumping Issue to Critical as we can no longer spin-up new instance on simplytest.me

Marking as needs review

I no longer get the error regarding allowed plugins but the build process seems to stop without redirecting to the login page of the built container.
https://simplytest.me/tugboat/progress/62f97607a476796b1cdc50b4/62f97607...
Last lines of build process:

Created project in /var/lib/tugboat/stm
62f97608fe62828313dcdc5c# /bin/sh -c cd stm && composer config minimum-stability dev
62f97608fe62828313dcdc5c# /bin/sh -c cd stm && composer config prefer-stable true
62f97608fe62828313dcdc5c# /bin/sh -c cd stm && composer require --dev --no-update drupal/core:9.3.21 drupal/core-dev:9.3.21
./composer.json has been updated
62f97608fe62828313dcdc5c# /bin/sh -c cd stm && composer require --dev --no-update phpspec/prophecy-phpunit:^2
./composer.json has been updated
62f97608fe62828313dcdc5c# /bin/sh -c cd stm && composer require --no-update drush/drush
Using version ^11.1 for drush/drush
./composer.json has been updated
62f97608fe62828313dcdc5c# /bin/sh -c ln -snf "${TUGBOAT_ROOT}/stm/web" "${DOCROOT}"

+1 to MR

Just tried again today (FWIW this time trying to include linked_field and linkicon projects) and I'm still getting failed builds regarding allow-plugins and composer-patches, but I don't know if that's because the MR is not yet live and to use it I would need to run things from a different location or something?

FWIW, still getting failed builds due to allowed plugins, in this case trying Feeds module on core 9.3.21.

SIMPLYEST_STAGE_DOWNLOAD
6304838919770b441aa18bc6# /bin/sh -c composer global require szeidler/composer-patches-cli:~1.0
Changed current directory to /root/.composer
./composer.json has been created
Running composer update szeidler/composer-patches-cli
Loading composer repositories with package information
Updating dependencies
Lock file operations: 2 installs, 0 updates, 0 removals
  - Locking cweagans/composer-patches (1.7.2)
  - Locking szeidler/composer-patches-cli (1.0.6)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 2 installs, 0 updates, 0 removals
- Downloading cweagans/composer-patches (1.7.2)
- Downloading szeidler/composer-patches-cli (1.0.6)
0/2 [>---------------------------]   0%
1/2 [==============>-------------]  50%
2/2 [============================] 100%
In PluginManager.php line 744:
                                                                               
  cweagans/composer-patches (installed globally) contains a Composer plugin w  
  hich is blocked by your allow-plugins config. You may add it to the list if  
   you consider it safe.                                                       
  You can run "composer global config --no-plugins allow-plugins.cweagans/com  
  poser-patches [true|false]" to enable it (true) or disable it explicitly an  
  d suppress this exception (false)                                            
  See https://getcomposer.org/allow-plugins
require [--dev] [--dry-run] [--prefer-source] [--prefer-dist] [--prefer-install PREFER-INSTALL] [--fixed] [--no-suggest] [--no-progress] [--no-update] [--no-install] [--no-audit] [--audit-format AUDIT-FORMAT] [--update-no-dev] [-w|--update-with-dependencies] [-W|--update-with-all-dependencies] [--with-dependencies] [--with-all-dependencies] [--ignore-platform-req IGNORE-PLATFORM-REQ] [--ignore-platform-reqs] [--prefer-stable] [--prefer-lowest] [--sort-packages] [-o|--optimize-autoloader] [-a|--classmap-authoritative] [--apcu-autoloader] [--apcu-autoloader-prefix APCU-AUTOLOADER-PREFIX] [--] [<packages>...]
Command Failed (Tugboat Error 1064): Exit code (1)

I’m still getting the same error too when trying to test a contrib module (viewfield). The error is below:

This may be the error:

In PluginManager.php line 744:
                                                                               
  cweagans/composer-patches (installed globally) contains a Composer plugin w  
  hich is blocked by your allow-plugins config. You may add it to the list if  
   you consider it safe.                                                       
  You can run "composer global config --no-plugins allow-plugins.cweagans/com  
  poser-patches [true|false]" to enable it (true) or disable it explicitly an  
  d suppress this exception (false)                                            
  See https://getcomposer.org/allow-plugins                                    
                                                                               

require [--dev] [--dry-run] [--prefer-source] [--prefer-dist] [--prefer-install PREFER-INSTALL] [--fixed] [--no-suggest] [--no-progress] [--no-update] [--no-install] [--no-audit] [--audit-format AUDIT-FORMAT] [--update-no-dev] [-w|--update-with-dependencies] [-W|--update-with-all-dependencies] [--with-dependencies] [--with-all-dependencies] [--ignore-platform-req IGNORE-PLATFORM-REQ] [--ignore-platform-reqs] [--prefer-stable] [--prefer-lowest] [--sort-packages] [-o|--optimize-autoloader] [-a|--classmap-authoritative] [--apcu-autoloader] [--apcu-autoloader-prefix APCU-AUTOLOADER-PREFIX] [--] [<packages>...]

This is fixed per the work in #3308715