TonyWhiteSMS
commented
2 years ago So does it also NOT run on ???
on:
workflow_dispatch:Closed nirga closed 1 year ago
TonyWhiteSMS
commented
2 years ago So does it also NOT run on ???
on:
workflow_dispatch:
JamesHenry
commented
2 years ago @nirga Please help us to help you, and be considerate of the developer on the other side.
Your assertion here is false: nx-set-shas does not only work on pull requests. That is clearly in evidence on this very repo in its integration test workflows, as well as the https://github.com/nrwl/ci repo and the countless Nx projects which leverage it.
Therefore, what you have experienced is something specific to you and your setup. Please share as much information as possible about that setup and how you are using the action, as well as clarifying what you mean by "a failure". That way someone from this community will have a chance of helping you diagnose your issue.
Many thanks π
cakeinpanic
commented
1 year ago Hi, I noticed the same, not sure if it's related to your action or to smth else If I have a workflow with a trigger
on:
push:
branches:
...
- uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Derive appropriate SHAs for base and head for `nx affected` commands
uses: nrwl/nx-set-shas@v3
with:
main-branch-name: master
- run: |
list=$(npm run affected -- --base=$NX_BASE --head=$NX_HEAD | tail -n1)
echo "$list"then I get empty string if PR for this branch is not open yet and proper list of affected libs if PR is open
cmcnicholas
commented
1 year ago I too am experiencing failures on non-PR's as shown below:
name: CI
on:
push:
branches: [master]
pull_request:
branches: [master]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
# fetch all branches and commits so that `nx affected` can compare
fetch-depth: 0
- name: Install node
uses: actions/setup-node@v3
with:
node-version: '18.x'
# this step is using the values produced by next step on other runs for comparing
- name: Get SHA's for `nx affected`
uses: nrwl/nx-set-shas@v3
with:
main-branch-name: master
# this step is storing the values to be used in future runs for comparing
- name: Output NX env vars
run: |
echo "BASE: ${{ env.NX_BASE }}"
echo "HEAD: ${{ env.NX_HEAD }}"
- name: Install packages
run: npm ci
- name: Lint
run: npm run lint
- name: Test
run: npm run test
- name: Build
run: npm run build0s
Run nrwl/nx-set-shas@v3
Run node $GITHUB_ACTION_PATH/dist/index.js *** master false push .
Run echo "Base SHA"
Base SHA
9a96e34d4953e[1](https://github.com/***/actions/runs/4707292086/jobs/8349073094#step:4:1)dd5be[8](https://github.com/***/actions/runs/4707292086/jobs/8349073094#step:4:9)5142391e0510e137bfda
Head SHA
7fccf179ebd[20](https://github.com/***/actions/runs/4707292086/jobs/8349073094#step:4:23)20a95902c53d0f05206ee35b0f0
Run echo "NX_BASE=9a96e34d4953e1dd5be8514[23](https://github.com/***/actions/runs/4707292086/jobs/8349073094#step:4:26)91e0510e137bfda" >> $GITHUB_ENV
NX_BASE and NX_HEAD environment variables have been set for the current Job
Run nrwl/nx-set-shas@v[3](https://github.com/***/actions/runs/4707305992/jobs/8349092394#step:4:3)
with:
main-branch-name: master
set-environment-variables-for-job: true
error-on-no-successful-workflow: false
last-successful-event: push
working-directory: .
Run node $GITHUB_ACTION_PATH/dist/index.js *** master false push .
node $GITHUB_ACTION_PATH/dist/index.js *** master false push .
shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
Error: Resource not accessible by integration
Error: Process completed with exit code 1.
vkmagalhaes
commented
1 year ago I'm having the same issue as cmcnicholas above. Works on pull_request events, but not push to main.
Here is the debug log in case it helps:
##[debug]Evaluating condition for step: 'Setup Nx affected'
##[debug]Evaluating: success()
##[debug]Evaluating success:
##[debug]=> true
##[debug]Result: true
##[debug]Starting: Setup Nx affected
##[debug]Loading inputs
##[debug]Loading env
> Run nrwl/nx-set-shas@v3
##[debug]Evaluating condition for step: 'run'
##[debug]Evaluating: success()
##[debug]Evaluating success:
##[debug]=> true
##[debug]Result: true
##[debug]Starting: run
##[debug]Loading inputs
##[debug]Evaluating: format('node $GITHUB_ACTION_PATH/dist/index.js {0} {1} {[2](https://github.com/***/***/actions/runs/***/jobs/***#step:5:2)} {3} {4} {5}', github.token, inputs.main-branch-name, inputs.error-on-no-successful-workflow, inputs.last-successful-event, inputs.working-directory, inputs.workflow-id)
##[debug]Evaluating format:
##[debug]..Evaluating String:
##[debug]..=> 'node $GITHUB_ACTION_PATH/dist/index.js {0} {1} {2} {3} {4} {5}'
##[debug]..Evaluating Index:
##[debug]....Evaluating github:
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'token'
##[debug]..=> '***'
##[debug]..Evaluating Index:
##[debug]....Evaluating inputs:
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'main-branch-name'
##[debug]..=> 'main'
##[debug]..Evaluating Index:
##[debug]....Evaluating inputs:
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'error-on-no-successful-workflow'
##[debug]..=> 'false'
##[debug]..Evaluating Index:
##[debug]....Evaluating inputs:
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'last-successful-event'
##[debug]..=> 'push'
##[debug]..Evaluating Index:
##[debug]....Evaluating inputs:
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'working-directory'
##[debug]..=> '.'
##[debug]..Evaluating Index:
##[debug]....Evaluating inputs:
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'workflow-id'
##[debug]..=> ''
##[debug]=> 'node $GITHUB_ACTION_PATH/dist/index.js *** main false push . '
##[debug]Result: 'node $GITHUB_ACTION_PATH/dist/index.js *** main false push . '
##[debug]Loading env
> Run node $GITHUB_ACTION_PATH/dist/index.js *** main false push .
node $GITHUB_ACTION_PATH/dist/index.js *** main false push .
shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
env:
PARALLEL: 5
PNPM_HOME: /home/runner/setup-pnpm/node_modules/.bin
##[debug]/usr/bin/bash --noprofile --norc -e -o pipefail /home/runner/work/_temp/6e5de641-3675-4b4f-8b9d-507400b23ccf.sh
Error: Resource not accessible by integration
Error: Process completed with exit code 1.
##[debug]Finished: run
##[debug]Evaluating condition for step: 'run'
##[debug]Evaluating: success()
##[debug]Evaluating success:
##[debug]=> false
##[debug]Result: false
##[debug]Evaluating condition for step: 'run'
##[debug]Evaluating: (success() && (inputs.set-environment-variables-for-job == 'true'))
##[debug]Evaluating And:
##[debug]..Evaluating success:
##[debug]..=> false
##[debug]=> false
##[debug]Expanded: (false && (inputs['set-environment-variables-for-job'] == 'true'))
##[debug]Result: false
##[debug]Evaluating: steps.setSHAs.outputs.base
##[debug]Evaluating Index:
##[debug]..Evaluating Index:
##[debug]....Evaluating Index:
##[debug]......Evaluating steps:
##[debug]......=> Object
##[debug]......Evaluating String:
##[debug]......=> 'setSHAs'
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'outputs'
##[debug]..=> Object
##[debug]..Evaluating String:
##[debug]..=> 'base'
##[debug]=> null
##[debug]Result: null
##[debug]Evaluating: steps.setSHAs.outputs.head
##[debug]Evaluating Index:
##[debug]..Evaluating Index:
##[debug]....Evaluating Index:
##[debug]......Evaluating steps:
##[debug]......=> Object
##[debug]......Evaluating String:
##[debug]......=> 'setSHAs'
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'outputs'
##[debug]..=> Object
##[debug]..Evaluating String:
##[debug]..=> 'head'
##[debug]=> null
##[debug]Result: null
##[debug]Evaluating: steps.setSHAs.outputs.noPreviousBuild
##[debug]Evaluating Index:
##[debug]..Evaluating Index:
##[debug]....Evaluating Index:
##[debug]......Evaluating steps:
##[debug]......=> Object
##[debug]......Evaluating String:
##[debug]......=> 'setSHAs'
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'outputs'
##[debug]..=> Object
##[debug]..Evaluating String:
##[debug]..=> 'noPreviousBuild'
##[debug]=> null
##[debug]Result: null
##[debug]Finishing: Setup Nx affectedI found this article when searching for the generic resource not accessible error, and I tried specifying the id-token: write permission, but it didn't work.
vkmagalhaes
commented
1 year ago @JamesHenry, does the ticket has enough info now, or is there something else I can help with?
vkmagalhaes
commented
1 year ago hmmmmm ... I was able to "fix" my issue by just removing the permissions attribute I had for the job:
permissions:
contents: read
deployments: writeπ€·π»ββοΈ
p1p3
commented
1 year ago hmmmmm ... I was able to "fix" my issue by just removing the
permissionsattribute I had for the job:permissions: contents: read deployments: writeπ€·π»ββοΈ
This did the trick for me, however, instead of completely removing it I set the permission for a specific job.
meeroslav
commented
1 year ago You need to have actions: 'read' set since we use GitHub actions API as seen here: https://github.com/nrwl/nx-set-shas/blob/main/README.md#permissions-in-v2
nirga
commented
1 year ago That's not true @meeroslav
I have these permissions, but it still happens to me. There's a bug in the way nx-set-shas calculates the diff in PRs, easily reproducible if you force push into a PR.
JamesHenry
commented
1 year ago @nirga I can only repeat my message to you from nearly a year ago which you did not respond to: https://github.com/nrwl/nx-set-shas/issues/79#issuecomment-1326330103
Please help us to help you. If you say it is easily reproducible then please kindly provide a reproduction we can look at and we can take it further
rplankenhorn
commented
1 year ago @JamesHenry I am seeing this error ~locally~ in my private repo too when using it with a push event. Any reason why this issue was closed? Also, can you point me to the workflow that uses this action in https://github.com/nrwl/ci with a push event? I can't seem to find one that does. I have the correct permissions set so I'm not sure why things are failing.
Edit: Actually, the only workflow I found in that repo above that uses this action uses it with a workflow_dispatch and not a push event. Can you point me to a workflow that uses this action as a push event? Also, I understand you keep asking @nirga for examples but it seems like several other people have encountered the same issue and posted workflows but you haven't responded to them.
JamesHenry
commented
1 year ago @rplankenhorn There are a number of different unrelated things discussed on this thread, so it's not possible to know what you mean by "this error", and I'm not sure what you mean by seeing an error locally, given this doesn't run on your machine?
Miro provided the solution to this issue already, you need to set appropriate permissions in your workflow file.
I was able to make it work just fine on my main branch by following those instructions:
https://github.com/JamesHenry/shas/blob/main/.github/workflows/ci.yml
https://github.com/JamesHenry/shas/actions/runs/6331724485/job/17196863821
Here I created a fresh nx workspace with the relevant config and pushed it up so that we can all see it. That's all we are asking folks to do so that we can help them. Creating a reproduction of an issue in a shareable format is always the best starting point. As you can see here, we do not have a reproduction of any issue and there is a documented solution
JamesHenry
commented
1 year ago I've now also updated our ci-workflow generator within nx to add appropriate permissions from the get go: https://github.com/nrwl/nx/pull/19357
nirga
commented
1 year ago @JamesHenry @meeroslav sorry I overlooked this correspondence. Not sure why you closed this, as this is still happening. For example, here's a recent failure we got on our repo: https://github.com/traceloop/openllmetry/actions/runs/6354055395/job/17259903114
JamesHenry
commented
1 year ago @nirga your most recent commits on main seem to be using the action and working well?
nirga
commented
1 year ago I think i managed to figure out whatβs causing this issue - at least for me - it happens when I force push. It then tries to find the old commit that was taken out of the branch and was overwritten by the new commit that was force pushed
rplankenhorn
commented
1 year ago @rplankenhorn There are a number of different unrelated things discussed on this thread, so it's not possible to know what you mean by "this error", and I'm not sure what you mean by seeing an error locally, given this doesn't run on your machine?
Miro provided the solution to this issue already, you need to set appropriate permissions in your workflow file.
I was able to make it work just fine on my main branch by following those instructions:
https://github.com/JamesHenry/shas/blob/main/.github/workflows/ci.yml
https://github.com/JamesHenry/shas/actions/runs/6331724485/job/17196863821
Here I created a fresh nx workspace with the relevant config and pushed it up so that we can all see it. That's all we are asking folks to do so that we can help them. Creating a reproduction of an issue in a shareable format is always the best starting point. As you can see here, we do not have a reproduction of any issue and there is a documented solution
@JamesHenry Both of the URLs you linked do not work (or are not publicly available). I updated my comment to say that I was seeing the issue in my private repo. I was referring to the title of the issue when saying I was experiencing the same error.
I did figure out my issue. I had a composite "install" action that was calling the nx-set-shas at the end. I had set the permissions within this action correctly but didn't set the permissions correctly on the parent workflow. Normally, Github will fail on this but it wasn't for unknown reason.
JamesHenry
commented
1 year ago @rplankenhorn Sorry the repo was private by accident, public now
JamesHenry
commented
1 year ago @nirga Ok let's continue the conversation about force pushing over here https://github.com/nrwl/nx-set-shas/issues/119
If run on events like
There's a failure.