search

actions / action-versions

MIT License
17 stars 6 forks source link

Support for authenticating to private action repos #49

Open danpowell88 opened 2 months ago

danpowell88 commented 2 months ago

Using this inside of an organisation where the actions repo are internal or private the scripts are unable to clone the git repo as it expects them to be public.

Any chance we can add a way to specify auth details to push through to git?

I may take a look if/when I get a chance but wanted to get any ideas on implementation first

This is what happens currently

EXEC: git remote add origin https://github.com/my-org/actions.git
EXEC: git -c protocol.version=2 fetch --tags --no-recurse-submodules origin
fatal: could not read Username for 'https://github.com/': No such device or address
ERROR: Command exited with code 128
alec-drw commented 1 month ago

Also looking for this. Updating the remoteAdd function with:

await exec.exec('git', ['-c', `http.extraHeader=Authorization: Bearer ${github_token}`, 'remote', 'add', 'origin', `${github_prefix}${owner}/${repo}.git`])

Change the error to:

EXEC: git -c http.extraHeader=Authorization: *** remote add origin https://git.enterprise.com/actions/setup-docker-environment.git
EXEC: git -c protocol.version=2 -c http.extraHeader=Authorization: *** fetch --tags --no-recurse-submodules origin
fatal: unable to access 'https://git.enterprise.com/actions/setup-docker-environment.git/': The requested URL returned error: 400

But still no success 👎

alec-drw commented 1 month ago

@danpowell88 FWIW I did figure this out - I ended up making a decent amount of edits to support caching of actions that are stored on an on-prem Github Enterprise Server instance, however I had to setup auth for public github.com too. As long as your github token has the required permissions this should work for you:

- name: Run add action script
  env:
    GITHUB_TOKEN_EXTERNAL: ${{ secrets.GITHUB_CLOUD_PAT }}
  run: |
    git config --local user.email "4github-actions@users.noreply.github.com"
    git config --local user.name "github-actions"

    export GITHUB_TOKEN=$GITHUB_TOKEN_EXTERNAL
    git config --global "url.https://${GITHUB_TOKEN}@github.com.insteadof" "https://github.com"

    ./script/add-action.sh ${{ inputs.action-author }}/${{ inputs.action-name }}