search

joshmfrankel / simplecov-check-action

SimpleCov+ Action
MIT License
33 stars 16 forks source link

Error: "You must authenticate via a GitHub App #7

Closed alois-gaucher closed 2 years ago

alois-gaucher commented 2 years ago

Hello,

I'm trying to integrate this action to a private repo, after trying to configure it I have this error that makes the action fail. Do you have any idea on how to fix this ?

/action/lib/coverage/utils/request.rb:48:in `run': Forbidden: {"message":"You must authenticate via a GitHub App.","documentation_url":"https://docs.github.com/rest/reference/checks#create-a-check-run"} (RuntimeError)

joshmfrankel commented 2 years ago

That sounds like your github_token is either invalid or missing. Did you use the github_token: ${{ secrets.GITHUB_TOKEN }} line from the basic installation example? https://github.com/joshmfrankel/simplecov-check-action#basic-installation. Do you have an example of your configuration?

andriimokii commented 2 years ago

Same here, token is in place with all permissions set

      - name: Run RSpec
        env:
          DB_NAME_TEST: ${{ secrets.POSTGRES_DB_TEST }}
          DB_USERNAME_TEST: ${{ secrets.POSTGRES_USER_TEST }}
          DB_PASSWORD_TEST: ${{ secrets.POSTGRES_PASSWORD_TEST }}
          RAILS_ENV: test
        run: |
          bin/rails db:migrate
          bundle exec rspec
      - uses: joshmfrankel/simplecov-check-action@main
        with:
          github_token: ${{ secrets.SIMPLECOV_ACTION_TOKEN }}
joshmfrankel commented 2 years ago

What I'm thinking based on the above config is going on:

  1. github_token: ${{ secrets.GITHUB_TOKEN }} - secrets.GITHUB_TOKEN is a specially generated EnvVar which is created during a Github actions run. You should utilize this exact name in your setup. If you are using this, then it's possible Github actions isn't enabled. If you're within an Organization it may be that the Org has disabled it
  2. "You must authenticate via a GitHub App." and utils/request.rb:48 seem to also indicate an issue with the GITHUB_TOKEN. Utils::Request accepts the access_token as an arg which is derived from secrets.GITHUB_TOKEN.

Try changing ${{ secrets.SIMPLECOV_ACTION_TOKEN }} to ${{ secrets.GITHUB_TOKEN }} and seeing if that solves the issue

From documentation: https://docs.github.com/en/actions/security-guides/automatic-token-authentication this token is a special automatically generated token to authenticate for Github actions.

At the start of each workflow run, GitHub automatically creates a unique GITHUB_TOKEN secret to use in your workflow. You can use the GITHUB_TOKEN to authenticate in a workflow run.

When you enable GitHub Actions, GitHub installs a GitHub App on your repository. The GITHUB_TOKEN secret is a GitHub App installation access token. You can use the installation access token to authenticate on behalf of the GitHub App installed on your repository. The token's permissions are limited to the repository that contains your workflow.

joshmfrankel commented 2 years ago

I'm closing this as a potential configuration setup issue. If other's start experiencing it, I'll take a look as well as reach out to Github.