Closed xenoterracide closed 3 years ago
I see you're using v1
of actions/checkout
. Could you upgrade to v2
?
The latest version of git-auto-commit
requires you to use at least actions/checkout@v2
: https://github.com/stefanzweifel/git-auto-commit-action#checkout-the-correct-branch
Hi, im using v2
but I still get this issue.
@ahnpnl Could you provide an example run or the exact output of a run? It would also be really great if you could share your Workflow file and a short description, what your Workflow does.
Hi, this is my failed workflow https://github.com/ahnpnl/jest-angular/runs/2140983419?check_suite_focus=true
In this workflow, I tried to fix yarn 2 lock file and repush on the same branch which dependabot creates. You can view my workflow file here https://github.com/ahnpnl/jest-angular/blob/015a3564899ff0994b056259f1d9e37cfdb530f2/.github/workflows/fix-lock-file.yml
[…] and repush on the same branch which dependabot creates
This is the problem. GitHub changed how workflow runs started by Dependabot work:
Starting March 1st, 2021 workflow runs that are triggered by Dependabot from push, pull_request, pull_request_review, or pull_request_review_comment events will be treated as if they were opened from a repository fork. This means they will receive a read-only GITHUB_TOKEN and will not have access to any secrets available in the repository. This will cause any workflows that attempt to write to the repository to fail.
This change will affect all repositories, both public and private, regardless of how they are configured, and is being made to prevent potentially compromised dependencies from capturing secrets referenced in your workflows.
There's currently nothing we can do about this.
Thanks for the information 👍
Got the same issue on chekout@v3
@maximkrouk Could you please share the exact error message you're receiving and the exact workflow you're using. This issue is 2 years old and GitHub Actions changed a lot since then. We're not able to help you just with the info "that it does not work".
If – by any chance – you're trying to push to a protected branch, please checkout the section in the README on how to set this up properly.
Yeah, sorry for leaving non-informative message 😅
Run: https://github.com/maximkrouk/ShyView/actions/runs/5412709755/jobs/9837181825
Workflow:
name: CI
on:
push:
branches:
- main-tests # I ran the workflow from this branch
pull_request:
branches:
- "*"
jobs:
test-ios:
name: "macOS 12 (Xcode 14.0)"
runs-on: macos-12
permissions:
contents: write # I also changed default permissions to `write` but it didn't help
steps:
- uses: actions/checkout@v1
- name: Select Xcode 14.0
run: sudo xcode-select -s /Applications/Xcode_14.0.app
- name: Run tests
run: make test-ios
- uses: stefanzweifel/git-auto-commit-action@v4
with:
commit_message: "Save tests"
branch: main-tests
git-auto-commit-action step log:
Run stefanzweifel/git-auto-commit-action@v4
Started: bash /Users/runner/work/_actions/stefanzweifel/git-auto-commit-action/v4/entrypoint.sh
INPUT_REPOSITORY value: .
INPUT_STATUS_OPTIONS:
INPUT_FILE_PATTERN: .
INPUT_BRANCH value: main-tests
Switched to a new branch 'main-tests'
branch 'main-tests' set up to track 'origin/main-tests'.
INPUT_ADD_OPTIONS:
INPUT_FILE_PATTERN: .
INPUT_COMMIT_OPTIONS:
INPUT_COMMIT_USER_NAME: github-actions[bot]
INPUT_COMMIT_USER_EMAIL: 41898282+github-actions[bot]@users.noreply.github.com
INPUT_COMMIT_MESSAGE: Save tests
INPUT_COMMIT_AUTHOR: maximkrouk <maximkrouk@users.noreply.github.com>
[main-tests 1d7acac] Save tests
Author: maximkrouk <maximkrouk@users.noreply.github.com>
2 files changed, 0 insertions(+), 0 deletions(-)
create mode 100644 Tests/ShyViewTests/__Snapshots__/ShyViewTests/testPrivacyInsensitive.1.png
create mode 100644 Tests/ShyViewTests/__Snapshots__/ShyViewTests/testPrivacySensitive.1.png
INPUT_TAGGING_MESSAGE:
No tagging message supplied. No tag will be added.
INPUT_PUSH_OPTIONS:
fatal: could not read Username for 'https://github.com': Device not configured
Error: Invalid status code: 128
at ChildProcess.<anonymous> (/Users/runner/work/_actions/stefanzweifel/git-auto-commit-action/v4/index.js:17:19)
at ChildProcess.emit (node:events:527:28)
at maybeClose (node:internal/child_process:1092:[16](https://github.com/maximkrouk/ShyView/actions/runs/5412709755/jobs/9837181825#step:5:17))
at Process.ChildProcess._handle.onexit (node:internal/child_process:302:5) {
code: 128
}
Error: Invalid status code: 128
at ChildProcess.<anonymous> (/Users/runner/work/_actions/stefanzweifel/git-auto-commit-action/v4/index.js:[17](https://github.com/maximkrouk/ShyView/actions/runs/5412709755/jobs/9837181825#step:5:18):[19](https://github.com/maximkrouk/ShyView/actions/runs/5412709755/jobs/9837181825#step:5:20))
at ChildProcess.emit (node:events:5[27](https://github.com/maximkrouk/ShyView/actions/runs/5412709755/jobs/9837181825#step:5:28):[28](https://github.com/maximkrouk/ShyView/actions/runs/5412709755/jobs/9837181825#step:5:29))
at maybeClose (node:internal/child_process:1092:16)
at Process.ChildProcess._handle.onexit (node:internal/child_process:[30](https://github.com/maximkrouk/ShyView/actions/runs/5412709755/jobs/9837181825#step:5:31)2:5)
The branch is not protected
@maximkrouk
uses: actions/checkout@v1
It looks like you're using actions/checkout@v1
. The Action requires at least v2 to work properly. v3 is the latest version and works also great with this Action.
So just update this line in your workflow and you should be good to go.
- uses: actions/checkout@v1
+ uses: actions/checkout@v3
(The checkout-Action sets up the authentication that git-auto-commit uses.)
Ah, feels like forgetting a semicolon in C-languages 🤡, I was so sure I was using v3 :D Thank you ^^
fails with
which of course suggests that it's not trying to use the GitHub token, which is of course true because it's not being passed as a secret.