Closed gr2m closed 7 months ago
Hey just a quick update: I've been out for the past 3 weeks and back to work again, I hope to finish this up soon now, maybe during our pairing session with @parkerbxyz this week 😉
Hi - thanks for working on this feature. Is it supposed to work the other way too? i.e. from GHES - getting an app token for GHEC? I have tried without success with the following test scenario....
---
name: test-ghec-token
on:
workflow_dispatch: {}
jobs:
test-token:
runs-on: [self-hosted, ubuntu-latest]
steps:
- name: Get GHEC App Token
uses: my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url
id: ghec-app-token
with:
app-id: ${{ secrets.GHEC_APP_ID }}
github-api-url: "https://api.github.com"
private-key: ${{ secrets.GHEC_PRIVATE_KEY }}
owner: my-ghec-org
- name: Setup token for Python installation
run: git config --global url."https://oauth2:${GH_TOKEN}@github.com".insteadOf https://github.com
env:
GH_TOKEN: ${{ steps.ghec-app-token.outputs.token }}
The logs show the requests all being sent to our GHES environment....
2024-01-22T16:11:49.6498228Z Download action repository 'my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url' (SHA:ca42fb1908475393527e8e581bf70fb5148d5627)
2024-01-22T16:11:50.3951985Z Complete job name: test-token
2024-01-22T16:11:50.4894833Z A job started hook has been configured by the self-hosted runner administrator
2024-01-22T16:11:50.5214439Z ##[group]Run '/etc/arc/hooks/job-started.sh'
2024-01-22T16:11:50.5239722Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
2024-01-22T16:11:50.5240363Z ##[endgroup]
2024-01-22T16:11:50.5613541Z [0;37m2024-01-22 16:11:50.555 DEBUG --- Running ARC Job Started Hooks[0m
2024-01-22T16:11:50.5614602Z [0;37m2024-01-22 16:11:50.557 DEBUG --- Running hook: /etc/arc/hooks/job-started.d/update-status[0m
2024-01-22T16:11:50.6661730Z ##[group]Run my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url
2024-01-22T16:11:50.6662922Z with:
2024-01-22T16:11:50.6663668Z app-id: ***
2024-01-22T16:11:50.6664207Z github-api-url: https://api.github.com
2024-01-22T16:11:50.6698135Z private-key: ***
2024-01-22T16:11:50.6698855Z owner: my-ghec-org
2024-01-22T16:11:50.6699395Z ##[endgroup]
2024-01-22T16:11:50.7678291Z repositories not set, creating token for all repositories for given owner "my-ghec-org"
2024-01-22T16:11:51.0504395Z Failed to create token for "my-ghec-org" (attempt 1): Integration not found
2024-01-22T16:11:52.1487176Z Failed to create token for "my-ghec-org" (attempt 2): Integration not found
2024-01-22T16:11:54.2939493Z Failed to create token for "my-ghec-org" (attempt 3): Integration not found
2024-01-22T16:11:58.3961075Z Failed to create token for "my-ghec-org" (attempt 4): Integration not found
2024-01-22T16:11:58.4018864Z RequestError [HttpError]: Integration not found
2024-01-22T16:11:58.4020634Z at /runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:2900:25
2024-01-22T16:11:58.4021798Z at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
2024-01-22T16:11:58.4023759Z at async hook (/runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:9902:22)
2024-01-22T16:11:58.4156778Z ##[error]Integration not found
2024-01-22T16:11:58.4182158Z at async getTokenFromOwner (/runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:10420:20)
2024-01-22T16:11:58.4185419Z at async RetryOperation._fn (/runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:10328:24) {
2024-01-22T16:11:58.4187862Z status: 404,
2024-01-22T16:11:58.4189448Z response: {
2024-01-22T16:11:58.4191748Z url: 'https://github.acme-inc.com/api/v3/users/my-ghec-org/installation',
2024-01-22T16:11:58.4194859Z status: 404,
I've substituted the acme-inc.com url and the org names but this is what we are seeing in our enterprise environment.
Hi - thanks for working on this feature. Is it supposed to work the other way too? i.e. from GHES - getting an app token for GHEC? I have tried without success with the following test scenario....
--- name: test-ghec-token on: workflow_dispatch: {} jobs: test-token: runs-on: [self-hosted, ubuntu-latest] steps: - name: Get GHEC App Token uses: my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url id: ghec-app-token with: app-id: ${{ secrets.GHEC_APP_ID }} github-api-url: "https://api.github.com" private-key: ${{ secrets.GHEC_PRIVATE_KEY }} owner: my-ghec-org - name: Setup token for Python installation run: git config --global url."https://oauth2:${GH_TOKEN}@github.com".insteadOf https://github.com env: GH_TOKEN: ${{ steps.ghec-app-token.outputs.token }}
The logs show the requests all being sent to our GHES environment....
2024-01-22T16:11:49.6498228Z Download action repository 'my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url' (SHA:ca42fb1908475393527e8e581bf70fb5148d5627) 2024-01-22T16:11:50.3951985Z Complete job name: test-token 2024-01-22T16:11:50.4894833Z A job started hook has been configured by the self-hosted runner administrator 2024-01-22T16:11:50.5214439Z ##[group]Run '/etc/arc/hooks/job-started.sh' 2024-01-22T16:11:50.5239722Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0} 2024-01-22T16:11:50.5240363Z ##[endgroup] 2024-01-22T16:11:50.5613541Z [0;37m2024-01-22 16:11:50.555 DEBUG --- Running ARC Job Started Hooks[0m 2024-01-22T16:11:50.5614602Z [0;37m2024-01-22 16:11:50.557 DEBUG --- Running hook: /etc/arc/hooks/job-started.d/update-status[0m 2024-01-22T16:11:50.6661730Z ##[group]Run my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url 2024-01-22T16:11:50.6662922Z with: 2024-01-22T16:11:50.6663668Z app-id: *** 2024-01-22T16:11:50.6664207Z github-api-url: https://api.github.com 2024-01-22T16:11:50.6698135Z private-key: *** 2024-01-22T16:11:50.6698855Z owner: my-ghec-org 2024-01-22T16:11:50.6699395Z ##[endgroup] 2024-01-22T16:11:50.7678291Z repositories not set, creating token for all repositories for given owner "my-ghec-org" 2024-01-22T16:11:51.0504395Z Failed to create token for "my-ghec-org" (attempt 1): Integration not found 2024-01-22T16:11:52.1487176Z Failed to create token for "my-ghec-org" (attempt 2): Integration not found 2024-01-22T16:11:54.2939493Z Failed to create token for "my-ghec-org" (attempt 3): Integration not found 2024-01-22T16:11:58.3961075Z Failed to create token for "my-ghec-org" (attempt 4): Integration not found 2024-01-22T16:11:58.4018864Z RequestError [HttpError]: Integration not found 2024-01-22T16:11:58.4020634Z at /runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:2900:25 2024-01-22T16:11:58.4021798Z at process.processTicksAndRejections (node:internal/process/task_queues:95:5) 2024-01-22T16:11:58.4023759Z at async hook (/runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:9902:22) 2024-01-22T16:11:58.4156778Z ##[error]Integration not found 2024-01-22T16:11:58.4182158Z at async getTokenFromOwner (/runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:10420:20) 2024-01-22T16:11:58.4185419Z at async RetryOperation._fn (/runner/_work/_actions/my-ghes-org/create-github-app-token/77-feat-support-overriding-github-api-url/dist/main.cjs:10328:24) { 2024-01-22T16:11:58.4187862Z status: 404, 2024-01-22T16:11:58.4189448Z response: { 2024-01-22T16:11:58.4191748Z url: 'https://github.acme-inc.com/api/v3/users/my-ghec-org/installation', 2024-01-22T16:11:58.4194859Z status: 404,
I've substituted the acme-inc.com url and the org names but this is what we are seeing in our enterprise environment.
We would like this behaviour too and have the same issue as @newbloke82. Would be good if possible to avoid having to use PATs.
uses: my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url
note that the pull request does not update the bundled files that the action is using. The changes are in the source files only, but the actual code that is executed is in https://github.com/actions/create-github-app-token/tree/main/dist. The dist/
folder is updated automatically when pull requests are merged.
But let me update the dist files so you can test again. I'm planning on working on this with @parkerbxyz tomorrow afternoon US Pacific time
Update: updated dist files via https://github.com/actions/create-github-app-token/pull/88/commits/ab075fc3599d9860cee77356afe7cb37c17b8b12
I tested the dist files and this works great from GHES to GHEC. Will test the other way soon.
:tada: This PR is included in version 1.7.0 :tada:
The release is available on GitHub release
Your semantic-release bot :package::rocket:
uses: my-ghes-org/create-github-app-token@77-feat-support-overriding-github-api-url
note that the pull request does not update the bundled files that the action is using. The changes are in the source files only, but the actual code that is executed is in https://github.com/actions/create-github-app-token/tree/main/dist. The
dist/
folder is updated automatically when pull requests are merged.But let me update the dist files so you can test again. I'm planning on working on this with @parkerbxyz tomorrow afternoon US Pacific time
Update: updated dist files via https://github.com/actions/create-github-app-token/pull/88/commits/ab075fc3599d9860cee77356afe7cb37c17b8b12
Well I feel a little silly haha! Can confirm tested from GHES to GHEC and was all good. Thanks a lot for the effort put into this and great to see it in a new release!
closes #77