Fix authorization for fetching release and asset

dsaltares / fetch-gh-release-asset

Github Action to download an asset from a Github release

MIT License

114 stars 70 forks source link

Fix authorization for fetching release and asset #22

Closed geirsagberg closed 3 years ago

geirsagberg commented 3 years ago

Found the issue ref #20 and #17 : The authorization header was missing from the fetching of releases. This fixes it.

maciejp commented 3 years ago

@dsaltares This looks like a fix for https://github.com/dsaltares/fetch-gh-release-asset/issues/10 , would be great if you could review and merge it - having to generate a token is not a great solution.

dsaltares commented 3 years ago

Thanks and sorry it took me a while to review ❤️ .

maciejp commented 3 years ago

Thanks, @dsaltares. for merging it (and obviously @geirsagberg for implementing!), do you plan on releasing a new version soon or are there some other changes you want to do first?

dsaltares commented 3 years ago

@maciejp I don't have a lot of capacity to test this right now. Would you mind testing this new feature by pinning your action to the latest commit of this repo? It'd be great to get more confidence before actually making a new release.

maciejp commented 3 years ago

I've just tested it by creating a test action on a private repo:

name: Test

on:
  push:
    branches:
      - test

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - name: Get the latest release and download one of its files
        id: get_release_version
        uses: dsaltares/fetch-gh-release-asset@0efe227dedb360b09ea0e533795d584b61c461a9
        with:
          file: "test.json"
          token: ${{ secrets.GITHUB_TOKEN }}
      - name: Print version and file contents
        run: |
          echo ${{ steps.get_release_version.outputs.version }}
          cat test.json

the run was green and the output was as expected.

I was wondering if there's a way to add an action to this repo that would test this behaviour but, since it's only relevant to private repos, I don't think there's a way to do it...

dsaltares commented 3 years ago

the run was green and the output was as expected.

Thank you so much 🙏.

I was wondering if there's a way to add an action to this repo that would test this behaviour but, since it's only relevant to private repos, I don't think there's a way to do it...

Yeah, ideally we would set up some CI/CD for this action. I am open to any PRs that may take us in this direction, even if it doesn't cover all cases.

dsaltares commented 3 years ago

@maciejp just released a new version: https://github.com/dsaltares/fetch-gh-release-asset/releases/tag/0.06. Thanks!