Unclear error: secretOrPrivateKey must be an asymmetric key when using RS256
Closed this issue · 4 comments
I have tried to use this action with a newly created internal github-app and get this error.
I guess it means my secret is wrong?
Could I have formatted it incorrectly?
Is it likely to be similar to this stackoverflow question? (PEM format, extra whitespace etc)
https://stackoverflow.com/questions/75635389/secretorprivatekey-must-be-an-asymmetric-key-when-using-rs256
- I've tried using the app's
Client Secretkey that I generated (42 char hex string) - I've tried an app private key:
SHA256:<base64 string XYZ0123/=> - Tried private key without
SHA256:prefix
at module2.exports [as sign] (/home/runner/work/_actions/actions/create-github-app-token/v1/dist/main.cjs:10369:26)
Error: secretOrPrivateKey must be an asymmetric key when using RS256
at getToken (/home/runner/work/_actions/actions/create-github-app-token/v1/dist/main.cjs:10500:27)
at githubAppJwt (/home/runner/work/_actions/actions/create-github-app-token/v1/dist/main.cjs:10516:27)
at getAppAuthentication (/home/runner/work/_actions/actions/create-github-app-token/v1/dist/main.cjs:11822:90)
at hook (/home/runner/work/_actions/actions/create-github-app-token/v1/dist/main.cjs:12115:41)
at newApi (/home/runner/work/_actions/actions/create-github-app-token/v1/dist/main.cjs:30550:36)
at getTokenFromOwner (/home/runner/work/_actions/actions/create-github-app-token/v1/dist/main.cjs:29956:26)
at /home/runner/work/_actions/actions/create-github-app-token/v1/dist/main.cjs:29937:71
at RetryOperation._fn (/home/runner/work/_actions/actions/create-github-app-token/v1/dist/main.cjs:29856:30)
at Timeout. (/home/runner/work/_actions/actions/create-github-app-token/v1/dist/main.cjs:12311:14)
ooof, I created a new private key, and down came a .pem!
Copied the contents of that directly into the secret, and it's worked!
(someone else generated my initial private key + secret, and I guess copied the wrong thing - doing it myself was a bit more obvious what the content should be :)
Perhaps still, the docs could be clearer that the key is the contents of the .PEM and not the key displayed in the app.
The error could also be better for users
It must be documented the SECRET_PEM value MUST be the content of the .pem file and not the base64 of the .pem as it documented elsewhere in the GitHub docs.
as it documented elsewhere in the GitHub docs
if you could please point us to where it's documented, we will make sure it gets fixed