search

mszostok / codeowners-validator

The GitHub CODEOWNERS file validator
Apache License 2.0
221 stars 47 forks source link

App authentication doesn't work with provided action #162

Closed allanlewis closed 2 years ago

allanlewis commented 2 years ago

Description

I created a Github app for use with the action provided by this repo but I get the following error:

while creating GitHub client: GitHub authorization is required, provide ACCESS_TOKEN or APP_ID

My step is something like this:

- name: Run CODEOWNERS validator
  uses: mszostok/codeowners-validator@v0.7.4
  with:
    checks: "owners,duppatterns,syntax"
    owner_checker_owners_must_be_teams: "true"  # Disallow individual users as owners
  env:
    GITHUB_APP_ID: ${{ secrets.REDACTED }}
    GITHUB_APP_INSTALLATION_ID: ${{ secrets.REDACTED }}
    GITHUB_APP_PRIVATE_KEY: ${{ secrets.REDACTED }}

Troubleshooting

Using the Docker image directly with the same credentials works:

- name: Run CODEOWNERS validator
  uses: docker://mszostok/codeowners-validator:v0.7.4
  env:
    GITHUB_APP_ID: ${{ secrets.REDACTED }}
    GITHUB_APP_INSTALLATION_ID: ${{ secrets.REDACTED }}
    GITHUB_APP_PRIVATE_KEY: ${{ secrets.REDACTED }}
    REPOSITORY_PATH: "."
    OWNER_CHECKER_REPOSITORY: REDACTED/REDACTED
    OWNER_CHECKER_OWNERS_MUST_BE_TEAMS: "true"
    CHECKS: duppatterns,owners,syntax
mszostok commented 2 years ago

Hi @allanlewis

Thanks for reporting that. The problem is with your configuration. You used the env instead of with.

So it should be:

- name: Run CODEOWNERS validator
  uses: mszostok/codeowners-validator@v0.7.4
  with:
    checks: "owners,duppatterns,syntax"
    owner_checker_owners_must_be_teams: "true"  # Disallow individual users as owners
    github_app_id: ${{ secrets.REDACTED }}
    github_app_installation_id: ${{ secrets.REDACTED }}
    github_app_private_key: ${{ secrets.REDACTED }}

If you still want to use envs, I described it here:

If you want to use environment variables anyway, you must add the INPUT_ prefix to each environment variable. For example, OWNER_CHECKER_IGNORED_OWNERS becomes INPUT_OWNER_CHECKER_IGNORED_OWNERS.

so in this case it would be:

- name: Run CODEOWNERS validator
  uses: mszostok/codeowners-validator@v0.7.4
  with:
    checks: "owners,duppatterns,syntax"
    owner_checker_owners_must_be_teams: "true"  # Disallow individual users as owners
  env:
    INPUT_GITHUB_APP_ID: ${{ secrets.REDACTED }}
    INPUT_GITHUB_APP_INSTALLATION_ID: ${{ secrets.REDACTED }}
    INPUT_GITHUB_APP_PRIVATE_KEY: ${{ secrets.REDACTED }}

However, I will adjust the documentation to make it more straight forward, to just copy-paste what needed.

mszostok commented 2 years ago

Let me know whether is more readable now :) https://github.com/mszostok/codeowners-validator/blob/main/docs/gh-auth.md#github-app

allanlewis commented 2 years ago

Thanks, @mszostok - the reason I was trying to use env vars was that the app authentication parameters weren't listed in action.yml. I see that you've addressed that in ccda6cc - are you intending to make a new release in the near future?

mszostok commented 2 years ago

Not sure about that as I want to release it with at least one new feature. However you can use it in that way without the release. You will just see the notice about missing props but the action will work properly 👍 See: https://github.com/GitHubCODEOWNERS/codeowners-samples/actions/runs/2655128900

iamstarkov commented 2 years ago

im having the similar issue, I configured the actions in this way:

    - uses: mszostok/codeowners-validator@v0.7.4
      with:
        github_app_id: 'REDACTED'
        github_app_installation_id: 'REDACTED'
        github_app_private_key: ${{ secrets.GH_APP_PRIVATE_KEY }}
        checks: "files,owners,duppatterns,syntax"
        experimental_checks: "notowned,avoid-shadowing"

and I got this output where action complains that documented required fields are not expected.

$ Run mszostok/codeowners-validator@v0.7.4
Warning: Unexpected input(s) 'github_app_id', 'github_app_installation_id', 'github_app_private_key', valid inputs are ['entryPoint', 'args', 'github_access_token', 'github_base_url', 'github_upload_url', 'experimental_checks', 'checks', 'repository_path', 'check_failure_level', 'not_owned_checker_skip_patterns', 'owner_checker_repository', 'owner_checker_ignored_owners', 'owner_checker_allow_unowned_patterns', 'owner_checker_owners_must_be_teams', 'not_owned_checker_subdirectories', 'not_owned_checker_trust_workspace']

am I missing something?

mszostok commented 2 years ago

Hi @iamstarkov,

For 0.7.4 you will see this warning. However, the validator will work properly, the warning will disappear in 0.7.5.

I will cut a new release this week 👍

iamstarkov commented 2 years ago

I wouldn't classify it as a warning, due to it failing the build haha.

@mszostok thank you

mszostok commented 2 years ago

@iamstarkov are you sure? I tested that and the build was not failing, see: https://github.com/GitHubCODEOWNERS/codeowners-samples/actions/runs/2655128900

mszostok commented 2 years ago

can you share your job execution?

iamstarkov commented 2 years ago

@mszostok nevermind, im a dumbass and forgot to add private key in secrets. thank you again for the help