google-github-actions / get-gke-credentials

A GitHub Action that configures authentication to a GKE cluster.
https://cloud.google.com/gke
Apache License 2.0

auth not working #145

Closed PSchnurbus24 closed 2 years ago

PSchnurbus24 commented 2 years ago

TL;DR

Authentication not working.

Expected behavior

Authentication working

Observed behavior

Error message: Error code invalid_request: Invalid value for "audience". This value should be the full resource name of the Identity Provider.

Log output:

...
2021-11-25T10:56:54.1700966Z ##[group]Run Azure/setup-helm@v1
2021-11-25T10:56:54.1701558Z with:
2021-11-25T10:56:54.1702264Z version: latest
2021-11-25T10:56:54.1703636Z token:
2021-11-25T10:56:54.1704095Z ##[endgroup]
2021-11-25T10:56:54.8879838Z [command]/usr/bin/unzip /runner/_work/_temp/58849993-fd5c-4ab5-abc4-104b3971a64e
2021-11-25T10:56:54.8935878Z Archive: /runner/_work/_temp/58849993-fd5c-4ab5-abc4-104b3971a64e
2021-11-25T10:56:54.8936965Z creating: linux-amd64/
2021-11-25T10:56:55.3254040Z inflating: linux-amd64/helm
2021-11-25T10:56:55.3255721Z inflating: linux-amd64/LICENSE
2021-11-25T10:56:55.3256624Z inflating: linux-amd64/README.md
2021-11-25T10:56:55.3722249Z Helm tool version: 'v3.7.1' has been cached at /opt/hostedtoolcache/helm/3.7.1/x64/linux-amd64/helm
2021-11-25T10:56:55.3868601Z ##[group]Run imranismail/setup-kustomize@v1
2021-11-25T10:56:55.3869267Z with:
2021-11-25T10:56:55.3869834Z kustomize-version:
2021-11-25T10:56:55.3871094Z github-token: **
2021-11-25T10:56:55.3871697Z ##[endgroup]
2021-11-25T10:56:58.3276943Z [command]/usr/bin/tar xz --warning=no-unknown-keyword -C /runner/_work/_temp/7697b7b5-5fda-466f-a62d-f01963fcc8b8 -f /runner/_work/_temp/007fb0c6-015f-4f22-936c-93fded359dd6
2021-11-25T10:56:58.5056382Z ##[group]Run google-github-actions/auth@v0.4.0
2021-11-25T10:56:58.5057102Z with:
2021-11-25T10:56:58.5057662Z create_credentials_file: true
2021-11-25T10:56:58.5058853Z workload_identity_provider: projects/my-project-id/locations/global/workloadIdentityPools/my-pool
2021-11-25T10:56:58.5060384Z service_account: sa@my-project.iam.gserviceaccount.com
2021-11-25T10:56:58.5061528Z access_token_lifetime: 3600s
2021-11-25T10:56:58.5062706Z access_token_scopes: https://www.googleapis.com/auth/cloud-platform
2021-11-25T10:56:58.5063857Z id_token_include_email: false
2021-11-25T10:56:58.5064437Z ##[endgroup]
2021-11-25T10:56:58.8492382Z
2021-11-25T10:56:58.8546259Z
2021-11-25T10:56:58.8687953Z ##[group]Run google-github-actions/get-gke-credentials@v0.4.0
2021-11-25T10:56:58.8688817Z with:
2021-11-25T10:56:58.8689857Z cluster_name:
2021-11-25T10:56:58.8690503Z location: ***
2021-11-25T10:56:58.8691058Z use_internal_ip: true
2021-11-25T10:56:58.8691712Z env:
2021-11-25T10:56:58.8692531Z CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE: /runner/_work/_temp/a5520593b49a4ffa6da5932b
2021-11-25T10:56:58.8694030Z GOOGLE_APPLICATION_CREDENTIALS: /runner/_work/_temp/a5520593b49a4ffa6da5932b
2021-11-25T10:56:58.8695008Z CLOUDSDK_PROJECT: my-project
2021-11-25T10:56:58.8696101Z CLOUDSDK_CORE_PROJECT: my-project
2021-11-25T10:56:58.8697008Z GCP_PROJECT: my-project
2021-11-25T10:56:58.8697702Z GCLOUD_PROJECT: my-project
2021-11-25T10:56:58.8698438Z GOOGLE_CLOUD_PROJECT: my-project
2021-11-25T10:56:58.8699086Z ##[endgroup]
2021-11-25T10:56:58.9757275Z Setting project Id from $GCLOUD_PROJECT
2021-11-25T10:56:59.6195740Z ##[error]Error code invalid_request: Invalid value for "audience". This value should be the full resource name of the Identity Provider. See https://cloud.google.com/iam/docs/reference/sts/rest/v1/TopLevel/token for the list of possible formats.
2021-11-25T10:56:59.6558670Z Post job cleanup.

Reproduction

Action YAML

name: Deploy Base Services
on:
  push:
    branches:
      - master
  workflow_dispatch:

jobs:
  dev-cluster:
    name: Deploy to dev cluster
    environment:
      name: dev-cluster
    runs-on: self-hosted-runner
    permissions:
      contents: 'read'
      id-token: 'write'
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        with:
          fetch-depth: 2
      - name: Helm tool installer
        uses: Azure/setup-helm@v1
      - name: Kustomize tool installer
        uses: imranismail/setup-kustomize@v1
      - name: Authenticate to GCP
        id: auth
        uses: google-github-actions/auth@v0.4.0
        with:
          create_credentials_file: "true"
          workload_identity_provider: "projects/my-project-id/locations/global/workloadIdentityPools/my-pool"
          service_account: sa@my-project.iam.gserviceaccount.com
      - name: Get GKE credentials
        id: get-credentials
        uses: google-github-actions/get-gke-credentials@v0.4.0
        with:
          cluster_name: ${{ secrets.GCP_K8S_CLUSTER }}
          location: ${{ secrets.GCP_K8S_REGION }}
          use_internal_ip: true
...

Repository

private repository

Additional information

self-hosted runner managed by https://github.com/actions-runner-controller/actions-runner-controller with default image

sethvargo commented 2 years ago

Duplicate of https://github.com/google-github-actions/auth/issues/60. Let's track there.
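
A pre-flight check for the error reported in this thread, as an added example that is not part of the issue or of the action's own code: it scans workflow text for workload_identity_provider inputs and reports any that are not a provider's full resource name. The function names and the second sample value are constructed for illustration; the first sample value is the one from the workflow posted above.

```python
import re

# Keyword segments of a provider's full resource name, in order:
# projects/<number>/locations/global/workloadIdentityPools/<pool>/providers/<provider>
SEGMENTS = ("projects", "locations", "workloadIdentityPools", "providers")
KEY_RE = re.compile(r"^\s*workload_identity_provider:\s*(\S.*?)\s*$")


def check_provider(value):
    """Return a list of problems found in one workload_identity_provider value."""
    value = value.strip().strip("'\"")
    if "${{" in value:
        return []  # expression resolved at run time; nothing to check offline
    parts = value.split("/")
    keys, ids = parts[0::2], parts[1::2]
    problems = []
    # Walk the keyword/identifier pairs and stop at the first one that is absent.
    for i, expected in enumerate(SEGMENTS):
        if i >= len(keys) or keys[i] != expected or i >= len(ids) or not ids[i]:
            problems.append(f"missing '{expected}/<id>' segment")
            break
    if len(parts) > 2 * len(SEGMENTS):
        problems.append("unexpected trailing segments")
    # The documented form uses the numeric project number, not the project ID.
    if ids and keys[0] == "projects" and not ids[0].isdigit():
        problems.append("project segment is not a numeric project number")
    return problems


def scan_workflow(text):
    """Return (line_number, value, problems) for each provider input in a workflow."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        match = KEY_RE.match(line)
        if match:
            value = match.group(1).strip("'\"")
            findings.append((number, value, check_provider(value)))
    return findings


# First value is the one from the workflow in this issue; the second is constructed.
SAMPLE = '''\
        with:
          workload_identity_provider: "projects/my-project-id/locations/global/workloadIdentityPools/my-pool"
        with:
          workload_identity_provider: "projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider"
'''

if __name__ == "__main__":
    for number, value, problems in scan_workflow(SAMPLE):
        print(f"line {number}: {value}: {'; '.join(problems) or 'ok'}")
```

The value from the issue stops at the pool, so the check reports the missing providers segment; "my-project-id" is also flagged, although in the issue it may simply be a redaction.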