Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Latest v2 broke all of my private github actions #283

Closed
derek-burdick opened this issue Jun 17, 2020 · 9 comments · Fixed by #284
Closed

Latest v2 broke all of my private github actions #283

derek-burdick opened this issue Jun 17, 2020 · 9 comments · Fixed by #284

Comments

@derek-burdick
Copy link

After the release this morning, all of my github actions using checkout to pull a private action started failing.

      - uses: actions/checkout@v2
        with:
          repository: privateorg/actions
          path: .privateorg-actions
          ssh-key: ${{ secrets.GITSSHKEY }}

I would like to request that you revert the change that is now breaking hundreds of my private workflows.

@drwoods
Copy link

drwoods commented Jun 17, 2020

Same here. We had to update several repos (with many more to come) to use the token instead -

- uses: actions/checkout@v2
        with:
          repository: privateorg/actions
          path: .privateorg-actions
          token: ${{ secrets.TOKEN }}

The v2.3.0 release needs to be reverted and released as a breaking v3 release if token needs to be a required/valid parameter.

@mizumotok
Copy link

I got the same problem.
"Determining the default branch" fails using ssh-key.

Determining the default branch
  Retrieving the default branch name
  Not Found
  Waiting 12 seconds before trying again
  Retrieving the default branch name
  Not Found
  Waiting 12 seconds before trying again
  Retrieving the default branch name
  ##[error]Not Found

I guess checking the default branch before setting up auth.

https://github.com/actions/checkout/blob/v2.3.0/src/git-source-provider.ts#L22

  // Determine the default branch
  if (!settings.ref && !settings.commit) {
    core.startGroup('Determining the default branch')
    settings.ref = await githubApiHelper.getDefaultBranch(
      settings.authToken,
      settings.repositoryOwner,
      settings.repositoryName
    )
    core.endGroup()
  }
  :
  :
  :
  const authHelper = gitAuthHelper.createAuthHelper(git, settings)
  try {
    // Configure auth
    core.startGroup('Setting up auth')
    await authHelper.configureAuth()
    core.endGroup()

@phiresky
Copy link

phiresky commented Jun 18, 2020

Same here. This is breaking all of our test runs since they fetch info from a different repo than the tested one. Pretty sure this is caused by #278 @ericsciple

Using the repo token is not a valid solution in general since it doesn't work for ssh keys that are passed via secrets that are not part of the normal TOKEN.

For some reason in that PR it was decided to use the proprietary Github API instead of the standard git api to determine the default branch, which means this also shouldn't work for repos from any other provider other than github.

The standard git api for determining the default branch is fetching the HEAD ref from the remote. If the repo is already synchronized, this is just git symbolic-ref refs/remotes/origin/HEAD. Otherwise, it can be fetched by either:

  • git remote show https://github.com/actions/checkout | grep 'HEAD branch' human readable, only works within a git repo
  • git ls-remote --exit-code --symref https://github.com/actions/checkout HEAD works from anywhere, independent of the surrounding repository, machine readable output (i guess)

Also, instead of just failing completely when default branch cannot be determined (might be possible to configure a repo to not have one?) it should probably still fall back to master to be compatible with previous behaviour?

@viernullvier
Copy link

We've been running into the same error message as @mizumotok - the default branch selection logic still seems to have some major issues.

Our configuration:

- name: Checkout deploy repo
        uses: actions/checkout@v2
        with:
          repository: redacted/redacted.url
          path: .redacted.url
          ssh-key: ${{ secrets.QA_DEPLOY_KEY }}

For the time being, setting the ref explicitly fixed the issue for us:

- name: Checkout deploy repo
        uses: actions/checkout@v2
        with:
          repository: redacted/redacted.url
          path: .redacted.url
          ref: master
          ssh-key: ${{ secrets.QA_DEPLOY_KEY }}

I agree with @drwoods - it seems like v2.3 introduced some breaking changes, so it should have been a v3 release instead.

@ericsciple
Copy link
Contributor

Sorry about the disruption.

I just pushed an update to v2 which contains the fix. Let me know if everything is working again.

@ericsciple
Copy link
Contributor

@phiresky thanks for the git ls-remote suggestion!

@drwoods
Copy link

drwoods commented Jun 18, 2020

verified that v2.3.1 works for my repos that are using ssh-key w/o a token. Thanks!

@mizumotok
Copy link

Works fine for my repos. Thank you.

@faizalzakaria
Copy link

I'm hoping that the future changes shouldn't break the legacy. With multiple of repo, to update them is tedious.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

7 participants