[BUG] ##[error]Parameter token or opts.auth is required

[rodrigondec]

Resume

I'm receiving the error ##[error]Parameter token or opts.auth is required on this run on my CI

Proofs

Description & code digging

I found this issue actions/toolkit#324 by googling the error returned.

On this line of code of this action is used:

const octokit = new github.GitHub(token);

In the package @actions/github on this line of code (which probably raises the error) is used:

constructor(token: string, opts?: Omit<Octokit.Options, 'auth'>)
  constructor(opts: Octokit.Options)
  constructor(token: string | Octokit.Options, opts?: Octokit.Options) {
    super(GitHub.getOctokitOptions(GitHub.disambiguate(token, opts)))

    this.graphql = GitHub.getGraphQL(GitHub.disambiguate(token, opts))
  }

Github extends Ocktokit. So is super = Ocktokit

In the package @ocktokit/core on this line of code there's the following explanation/documentation:

constructor(options: OctokitOptions = {}) {
[...]

// (1) If neither `options.authStrategy` nor `options.auth` are set, the `octokit` instance
    //     is unauthenticated. The `this.auth()` method is a no-op and no request hook is registred.
    // (2) If only `options.auth` is set, use the default token authentication strategy.
    // (3) If `options.authStrategy` is set then use it and pass in `options.auth`. Always pass own request as many strategies accept a custom request instance.
    // TODO: type `options.auth` based on `options.authStrategy`.

Questions

Should be passed others args besides the token on this line from the action?

const octokit = new github.GitHub(token);

The construct does accept other options:

constructor(token: string, opts?: Omit<Octokit.Options, 'auth'>)

On the official documentation of @actions/github is used only token on the constructor.

Did we miss some official documentation? Should issues be opened on @actions/github and @ocktokit/core?

[alex-page]

Hey @rodrigondec thanks so much for raising this issue and providing all the detailed information.

Do you know how to fix it or replicate it? I will have to spend some time investigating the problem, I haven't seen it before. I am currently thinking about updating the package and seeing if it is still a problem.

[rodrigondec]

Don't know either.

I have re-run the job but still has error. I'm using your action on other projects and didn't have this issue.

I don't understand either why did it happen by analyzing the code and ref I found.

[conarro]

I just ran into this error as well. I had stored the GH_TOKEN at the org-level initially. When I moved it to a repo-level secret, the action worked!

[alex-page]

Oh that is interesting! I will add it to issue #38 thanks @conarro!

Let me know if that fixes your error @rodrigondec

[pandafy]

I just ran into this error as well. I had stored the GH_TOKEN at the org-level initially. When I moved it to a repo-level secret, the action worked!

If I get you correct, you have a project in a repository which is part of an organization. Shouldn't organization level access also provide access to projects of all repositories ?

[pandafy]

I think it is a tedious job to configure secret for all repositories of an organization. @alex-page is this intentionally or there is not a straight forward way to allow organization level token manage projects of all repositories.

On a personal note, I won't like configuring secrets for all repositories individually.

[alex-page]

Yeah it is definitely hard. I would avoid documenting organization secrets or have a sentence saying we don't recommend it's usage.

This is also confusing if people set up private repos in organisations:

Organization secrets cannot be used by private repositories with your plan.
Please consider upgrading your plan if you require this functionality.

[rodrigondec]

I just ran into this error as well. I had stored the GH_TOKEN at the org-level initially. When I moved it to a repo-level secret, the action worked!

@alex-page @conarro

I have my secrets on the repo itself. Not on the org.

This bug is highly esoteric 🤣

Proofs

[rodrigondec]

@alex-page digged some other codes and docs. I edited the issue 😄

[alex-page]

@rodrigondec some people had issues using GH_TOKEN and GITHUB_TOKEN can you try renaming your secret to something else? #33

[rodrigondec]

@rodrigondec some people had issues using GH_TOKEN and GITHUB_TOKEN can you try renaming your secret to something else? #33

Sure, I'll modify and post the results.

But if this is the cause the problem lies on the lib used (@actions/github and @ocktokit/core).

Considering I'm using GH_TOKEN on my other projects and it's working perfectly fine.

https://github.com/imobanco/icnab240/runs/679469380?check_suite_focus=true

Proof

[rodrigondec]

@alex-page

I switched the name of my secret and put it on the Organization.

The run I tested worked perfectly fine.

This doesn't help to discover why the bug happened on the first place 😅

Maybe it's the case to open issues on the libs I mentioned?

Proofs

[alex-page]

@rodrigondec that might be a good idea. I have secrets in organisation repositories and it works for me fine. I wonder if there is something else going on here?

[conarro]

@rodrigondec some people had issues using GH_TOKEN and GITHUB_TOKEN can you try renaming your secret to something else? #33

I tried using GH_ACCESS_TOKEN the org-level, still didn't work. It's working for me with repo-level secrets called GH_TOKEN.

Will post back here if I do any other combinations.

I have secrets in organisation repositories

Just to clarify, the issue here is not having secrets in organization repositories, but secrets that live at the organization-level itself.

[rodrigondec]

@rodrigondec some people had issues using GH_TOKEN and GITHUB_TOKEN can you try renaming your secret to something else? #33

I tried using GH_ACCESS_TOKEN the org-level, still didn't work. It's working for me with repo-level secrets called GH_TOKEN.

Will post back here if I do any other combinations.

I have secrets in organisation repositories

Just to clarify, the issue here is not having secrets in organization repositories, but secrets that live at the organization-level itself.

@conarro is it running from forked repos? I opened a issue on actions/toolkit#465 and discovered the cause for my error.

#38 (comment)

[alex-page]

Re-opening this issue until #38 is done

[conarro]

is it running from forked repos?

@rodrigondec no, no forks in my setup sadly.