search

saadmk11 / github-actions-version-updater

A GitHub Action that Updates All GitHub Actions in a Repository and Creates a Pull Request with the Updates
https://github.com/marketplace/actions/github-actions-version-updater
MIT License
91 stars 15 forks source link

Unable to push branch #13

Open bastelfreak opened 2 years ago

bastelfreak commented 2 years ago

Hi! I'm currently trying to implement your workflow in https://github.com/voxpupuli/vox-pupuli-tasks/pull/479

from the workflow config:

  github-action-updater:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
      with:
        token: ${{ secrets.SAADMK11_GITHUB_ACTIONS_VERSION_UPDATER_VPT }}
    - name: GitHub Actions Version Updater
      uses: saadmk11/github-actions-version-updater@v0.5.6
      with:
        token: ${{ secrets.SAADMK11_GITHUB_ACTIONS_VERSION_UPDATER_VPT }}

This fails with:

Create New Branch
  error: pathspec 'refs/pull/479/merge' did not match any file(s) known to git
  Switched to a new branch 'gh-actions-update-1655896430'
  [gh-actions-update-1655896430 7cbc18e] Update GitHub Action Versions
   3 files changed, 14 insertions(+), 14 deletions(-)
  To https://github.com/voxpupuli/vox-pupuli-tasks
   ! [remote rejected] gh-actions-update-1655896430 -> gh-actions-update-1655896430 (shallow update not allowed)
  error: failed to push some refs to 'https://github.com/voxpupuli/vox-pupuli-tasks'
Create Pull Request
  Warning: Could not create a pull request on voxpupuli/vox-pupuli-tasks, status code: [422]

and a couple of questions:

saadmk11 commented 2 years ago

Hi @bastelfreak, This action should run on a schedule event or a workflow_dispatch event.

Example:

# Controls when the action will run.
on:
  # can be used to run workflow manually
  workflow_dispatch:
  schedule:
    # Automatically run on every Sunday
    - cron:  '0 0 * * 0'

Does the token for actions/checkout@v2 actually needs the workflow scope?

I think the action should work without this.

The action is marked as successful, even when the push failed. I think that should be changed?

I need to update this behavior.

desecho commented 2 years ago

Does the token for actions/checkout@v2 actually needs the workflow scope?

I think the action should work without this.

If I add it to a repo without this, it fails to push a branch saying that the workflow permission is not there, however after I add it, run the workflow, then it succeeds, then I remove it from the workflow, run it again and it still works. Looks like a bug of some kind. I am not sure what is going on there.

saadmk11 commented 2 years ago

If I add it to a repo without this, it fails to push a branch saying that the workflow permission is not there, however after I add it, run the workflow, then it succeeds, then I remove it from the workflow, run it again and it still works. Looks like a bug of some kind. I am not sure what is going on there.

Hi @desecho, Thanks for the bug report. :+1: I have not worked on this for sometime. I will check it out and try to reproduce it when I get some time.

vladislav-tkach commented 2 years ago

Does the token for actions/checkout@v2 actually needs the workflow scope?

It seems that it does need a workflow-scoped token. Otherwise, I get an error when the version updater action tries to push a new branch. Not sure why is that but I found the solution here: https://github.com/orgs/community/discussions/27072

saadmk11 commented 1 year ago

The action is marked as successful, even when the push failed. I think that should be changed?

I need to update this behavior.

Fixed in https://github.com/saadmk11/github-actions-version-updater/pull/17/

saadmk11 commented 1 year ago

Does the token for actions/checkout@v2 actually needs the workflow scope?

It seems that it does need a workflow-scoped token. Otherwise, I get an error when the version updater action tries to push a new branch. Not sure why is that but I found the solution here: https://github.com/orgs/community/discussions/27072

GitHub Actions Log when PAT without workflow scope is used:

! [remote rejected] gh-actions-update-1665821908 -> gh-actions-update-1665821908 (refusing to allow a Personal Access Token to create or update workflow `.github/workflows/new.yaml` without `workflow` scope)

Does the token for actions/checkout@v2 actually needs the workflow scope?

I think the action should work without this.

If I add it to a repo without this, it fails to push a branch saying that the workflow permission is not there, however after I add it, run the workflow, then it succeeds, then I remove it from the workflow, run it again and it still works. Looks like a bug of some kind. I am not sure what is going on there.

I can confirm this. Not sure whats going on here. Happens after changing token with workflow scope to token without workflow scope.