search

actions / create-github-app-token

GitHub Action for creating a GitHub App Installation Access Token
https://github.com/marketplace/actions/create-github-app-token
MIT License
344 stars 47 forks source link

feat: `github-api-url` #88

Closed gr2m closed 7 months ago

gr2m commented 8 months ago

closes #77

gr2m commented 8 months ago

Hey just a quick update: I've been out for the past 3 weeks and back to work again, I hope to finish this up soon now, maybe during our pairing session with @parkerbxyz this week 😉

newbloke82 commented 7 months ago

Hi - thanks for working on this feature. Is it supposed to work the other way too? i.e. from GHES - getting an app token for GHEC? I have tried without success with the following test scenario....

---
name: test-ghec-token

on:
  workflow_dispatch: {}

jobs:
  test-token:
    runs-on: [self-hosted, ubuntu-latest]
    steps:
      - name: Get GHEC App Token
        uses: my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url
        id: ghec-app-token
        with:
          app-id: ${{ secrets.GHEC_APP_ID }}
          github-api-url: "https://api.github.com"
          private-key: ${{ secrets.GHEC_PRIVATE_KEY }}
          owner: my-ghec-org

      - name: Setup token for Python installation
        run: git config --global url."https://oauth2:${GH_TOKEN}@github.com".insteadOf https://github.com
        env:
          GH_TOKEN: ${{ steps.ghec-app-token.outputs.token }}

The logs show the requests all being sent to our GHES environment....

2024-01-22T16:11:49.6498228Z Download action repository 'my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url' (SHA:ca42fb1908475393527e8e581bf70fb5148d5627)
2024-01-22T16:11:50.3951985Z Complete job name: test-token
2024-01-22T16:11:50.4894833Z A job started hook has been configured by the self-hosted runner administrator
2024-01-22T16:11:50.5214439Z ##[group]Run '/etc/arc/hooks/job-started.sh'
2024-01-22T16:11:50.5239722Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
2024-01-22T16:11:50.5240363Z ##[endgroup]
2024-01-22T16:11:50.5613541Z 2024-01-22 16:11:50.555  DEBUG --- Running ARC Job Started Hooks
2024-01-22T16:11:50.5614602Z 2024-01-22 16:11:50.557  DEBUG --- Running hook: /etc/arc/hooks/job-started.d/update-status
2024-01-22T16:11:50.6661730Z ##[group]Run my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url
2024-01-22T16:11:50.6662922Z with:
2024-01-22T16:11:50.6663668Z   app-id: ***
2024-01-22T16:11:50.6664207Z   github-api-url: https://api.github.com
2024-01-22T16:11:50.6698135Z   private-key: ***
2024-01-22T16:11:50.6698855Z   owner: my-ghec-org
2024-01-22T16:11:50.6699395Z ##[endgroup]
2024-01-22T16:11:50.7678291Z repositories not set, creating token for all repositories for given owner "my-ghec-org"
2024-01-22T16:11:51.0504395Z Failed to create token for "my-ghec-org" (attempt 1): Integration not found
2024-01-22T16:11:52.1487176Z Failed to create token for "my-ghec-org" (attempt 2): Integration not found
2024-01-22T16:11:54.2939493Z Failed to create token for "my-ghec-org" (attempt 3): Integration not found
2024-01-22T16:11:58.3961075Z Failed to create token for "my-ghec-org" (attempt 4): Integration not found
2024-01-22T16:11:58.4018864Z RequestError [HttpError]: Integration not found
2024-01-22T16:11:58.4020634Z     at /runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:2900:25
2024-01-22T16:11:58.4021798Z     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
2024-01-22T16:11:58.4023759Z     at async hook (/runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:9902:22)
2024-01-22T16:11:58.4156778Z ##[error]Integration not found
2024-01-22T16:11:58.4182158Z     at async getTokenFromOwner (/runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:10420:20)
2024-01-22T16:11:58.4185419Z     at async RetryOperation._fn (/runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:10328:24) {
2024-01-22T16:11:58.4187862Z   status: 404,
2024-01-22T16:11:58.4189448Z   response: {
2024-01-22T16:11:58.4191748Z     url: 'https://github.acme-inc.com/api/v3/users/my-ghec-org/installation',
2024-01-22T16:11:58.4194859Z     status: 404,

I've substituted the acme-inc.com url and the org names but this is what we are seeing in our enterprise environment.

kieran-lowe commented 7 months ago

Hi - thanks for working on this feature. Is it supposed to work the other way too? i.e. from GHES - getting an app token for GHEC? I have tried without success with the following test scenario....


---

name: test-ghec-token

on:

  workflow_dispatch: {}

jobs:

  test-token:

    runs-on: [self-hosted, ubuntu-latest]

    steps:

      - name: Get GHEC App Token

        uses: my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url

        id: ghec-app-token

        with:

          app-id: ${{ secrets.GHEC_APP_ID }}

          github-api-url: "https://api.github.com"

          private-key: ${{ secrets.GHEC_PRIVATE_KEY }}

          owner: my-ghec-org

      - name: Setup token for Python installation

        run: git config --global url."https://oauth2:${GH_TOKEN}@github.com".insteadOf https://github.com

        env:

          GH_TOKEN: ${{ steps.ghec-app-token.outputs.token }}

The logs show the requests all being sent to our GHES environment....


2024-01-22T16:11:49.6498228Z Download action repository 'my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url' (SHA:ca42fb1908475393527e8e581bf70fb5148d5627)

2024-01-22T16:11:50.3951985Z Complete job name: test-token

2024-01-22T16:11:50.4894833Z A job started hook has been configured by the self-hosted runner administrator

2024-01-22T16:11:50.5214439Z ##[group]Run '/etc/arc/hooks/job-started.sh'

2024-01-22T16:11:50.5239722Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}

2024-01-22T16:11:50.5240363Z ##[endgroup]

2024-01-22T16:11:50.5613541Z 2024-01-22 16:11:50.555  DEBUG --- Running ARC Job Started Hooks

2024-01-22T16:11:50.5614602Z 2024-01-22 16:11:50.557  DEBUG --- Running hook: /etc/arc/hooks/job-started.d/update-status

2024-01-22T16:11:50.6661730Z ##[group]Run my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url

2024-01-22T16:11:50.6662922Z with:

2024-01-22T16:11:50.6663668Z   app-id: ***

2024-01-22T16:11:50.6664207Z   github-api-url: https://api.github.com

2024-01-22T16:11:50.6698135Z   private-key: ***

2024-01-22T16:11:50.6698855Z   owner: my-ghec-org

2024-01-22T16:11:50.6699395Z ##[endgroup]

2024-01-22T16:11:50.7678291Z repositories not set, creating token for all repositories for given owner "my-ghec-org"

2024-01-22T16:11:51.0504395Z Failed to create token for "my-ghec-org" (attempt 1): Integration not found

2024-01-22T16:11:52.1487176Z Failed to create token for "my-ghec-org" (attempt 2): Integration not found

2024-01-22T16:11:54.2939493Z Failed to create token for "my-ghec-org" (attempt 3): Integration not found

2024-01-22T16:11:58.3961075Z Failed to create token for "my-ghec-org" (attempt 4): Integration not found

2024-01-22T16:11:58.4018864Z RequestError [HttpError]: Integration not found

2024-01-22T16:11:58.4020634Z     at /runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:2900:25

2024-01-22T16:11:58.4021798Z     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

2024-01-22T16:11:58.4023759Z     at async hook (/runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:9902:22)

2024-01-22T16:11:58.4156778Z ##[error]Integration not found

2024-01-22T16:11:58.4182158Z     at async getTokenFromOwner (/runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:10420:20)

2024-01-22T16:11:58.4185419Z     at async RetryOperation._fn (/runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:10328:24) {

2024-01-22T16:11:58.4187862Z   status: 404,

2024-01-22T16:11:58.4189448Z   response: {

2024-01-22T16:11:58.4191748Z     url: 'https://github.acme-inc.com/api/v3/users/my-ghec-org/installation',

2024-01-22T16:11:58.4194859Z     status: 404,

I've substituted the acme-inc.com url and the org names but this is what we are seeing in our enterprise environment.

We would like this behaviour too and have the same issue as @newbloke82. Would be good if possible to avoid having to use PATs.

gr2m commented 7 months ago

uses: my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url

note that the pull request does not update the bundled files that the action is using. The changes are in the source files only, but the actual code that is executed is in https://github.com/actions/create-github-app-token/tree/main/dist. The dist/ folder is updated automatically when pull requests are merged.

But let me update the dist files so you can test again. I'm planning on working on this with @parkerbxyz tomorrow afternoon US Pacific time

Update: updated dist files via https://github.com/actions/create-github-app-token/pull/88/commits/ab075fc3599d9860cee77356afe7cb37c17b8b12

newbloke82 commented 7 months ago

I tested the dist files and this works great from GHES to GHEC. Will test the other way soon.

create-app-token-action-releaser[bot] commented 7 months ago

:tada: This PR is included in version 1.7.0 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket:

kieran-lowe commented 7 months ago

uses: my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url

note that the pull request does not update the bundled files that the action is using. The changes are in the source files only, but the actual code that is executed is in https://github.com/actions/create-github-app-token/tree/main/dist. The dist/ folder is updated automatically when pull requests are merged.

But let me update the dist files so you can test again. I'm planning on working on this with @parkerbxyz tomorrow afternoon US Pacific time

Update: updated dist files via https://github.com/actions/create-github-app-token/pull/88/commits/ab075fc3599d9860cee77356afe7cb37c17b8b12

Well I feel a little silly haha! Can confirm tested from GHES to GHEC and was all good. Thanks a lot for the effort put into this and great to see it in a new release!