Closed n0rdy closed 1 year ago
Thanks for your detailed report. I'm not able to test this action on GitHub Enterprise, so it's quite possible you've discovered a genuine issue.
It looks like we'll need to initialize Oktokit
with your GitHub Enterprise server URL: https://github.com/octokit/octokit.js#constructor-options.
The value should be available in the [GITHUB_SERVER_URL](https://docs.github.com/en/enterprise-cloud@latest/actions/learn-github-actions/variables#default-environment-variables)
environment variable.
If you could fork the action, try this out, and submit a PR, that would really help.
Thanks for your detailed report. I'm not able to test this action on GitHub Enterprise, so it's quite possible you've discovered a genuine issue.
It looks like we'll need to initialize
Oktokit
with your GitHub Enterprise server URL: https://github.com/octokit/octokit.js#constructor-options. The value should be available in the[GITHUB_SERVER_URL](https://docs.github.com/en/enterprise-cloud@latest/actions/learn-github-actions/variables#default-environment-variables)
environment variable.If you could fork the action, try this out, and submit a PR, that would really help.
Hey! Thanks for the reply. I'll try to do the suggested fork approach, but it will take some time due to the security processes.
No problem. This should already be fixed on the main branch, and I plan to release a 2.8.1
with the fix shortly.
@n0rdy I've released v2.8.1
(aliased to v2
) with the fix. It would be helpful if you could test and confirm that Dependency Submission now works for you on GitHub Enterprise.
@n0rdy I've released
v2.8.1
(aliased tov2
) with the fix. It would be helpful if you could test and confirm that Dependency Submission now works for you on GitHub Enterprise.
I gave it a try: the error is gone and the dependency graph was submitted - thanks a lot!
The Dependabot security update failed with the same error as I described within the issue report to another dependency submission action library, but I guess it's the issue on the Dependabot end.
Thanks again for the fix!
Hello there!
Thanks for the development of this plugin, and especially for the recent Dependency Graph Submission feature - it's pretty useful to make Dependabot work with Gradle.
While configuring the workflow, I experienced the issue that happens in the post-action stage:
Some context:
jobs: gradle-action-detection: runs-on: [ ubuntu-latest ] permissions: contents: write steps:
name: 'Checkout Repository' uses: actions/checkout@v4
name: Setup Java 17 uses: actions/setup-java@v3 with: java-version: '17' distribution: corretto
name: Setup Gradle to generate and submit dependency graphs uses: gradle/gradle-build-action@v2 with: dependency-graph: generate-and-submit
name: Run a build, generating the dependency graph snapshot which will be submitted run: ./gradlew build
The provided error happens for the
Post Setup Gradle to generate and submit dependency graphs
step.Based on the logs, I can see that the error is originated here:
when the
submitDependencyGraphs
method is called.I noticed that there is the exact endpoint hardcoded, so I wonder whether that could be somehow related to the differences between the regular GitHub and GitHub Enterprise: according to the GitHub Docs, there is a slight diff:
https://api.github.com/repos/OWNER/REPO/dependency-graph/snapshots
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/dependency-graph/snapshots
Maybe, it seems like this might be somehow resolved by the
Octokit
library you are using under the hood. However, I didn't manage to find the answer while browsing the codebase.Also, I double-checked that:
curl
(without a token, without/api/v3
, with the wrong token), and I can't get aNot found
response from it - so it doesn't seem to be some permissions-related issue.Question: Is it me doing something wrong, or is it something that is not supported by this action?
Any help here is appreciated. Thanks a lot!