App authentication doesn't work with provided action

Question

App authentication doesn't work with provided action

Closed this issue 2 years ago · 10 comments

Description

I created a Github app for use with the action provided by this repo but I get the following error:

while creating GitHub client: GitHub authorization is required, provide ACCESS_TOKEN or APP_ID

My step is something like this:

- name: Run CODEOWNERS validator
  uses: mszostok/codeowners-validator@v0.7.4
  with:
    checks: "owners,duppatterns,syntax"
    owner_checker_owners_must_be_teams: "true"  # Disallow individual users as owners
  env:
    GITHUB_APP_ID: ${{ secrets.REDACTED }}
    GITHUB_APP_INSTALLATION_ID: ${{ secrets.REDACTED }}
    GITHUB_APP_PRIVATE_KEY: ${{ secrets.REDACTED }}

Troubleshooting

Using the Docker image directly with the same credentials works:

- name: Run CODEOWNERS validator
  uses: docker://mszostok/codeowners-validator:v0.7.4
  env:
    GITHUB_APP_ID: ${{ secrets.REDACTED }}
    GITHUB_APP_INSTALLATION_ID: ${{ secrets.REDACTED }}
    GITHUB_APP_PRIVATE_KEY: ${{ secrets.REDACTED }}
    REPOSITORY_PATH: "."
    OWNER_CHECKER_REPOSITORY: REDACTED/REDACTED
    OWNER_CHECKER_OWNERS_MUST_BE_TEAMS: "true"
    CHECKS: duppatterns,owners,syntax

Answer 1 · 2022-07-07T11:04:03.000Z

Hi @allanlewis

Thanks for reporting that. The problem is with your configuration. You used the env instead of with.

So it should be:

- name: Run CODEOWNERS validator
  uses: mszostok/codeowners-validator@v0.7.4
  with:
    checks: "owners,duppatterns,syntax"
    owner_checker_owners_must_be_teams: "true"  # Disallow individual users as owners
    github_app_id: ${{ secrets.REDACTED }}
    github_app_installation_id: ${{ secrets.REDACTED }}
    github_app_private_key: ${{ secrets.REDACTED }}

If you still want to use envs, I described it here:

If you want to use environment variables anyway, you must add the INPUT_ prefix to each environment variable. For example, OWNER_CHECKER_IGNORED_OWNERS becomes INPUT_OWNER_CHECKER_IGNORED_OWNERS.

so in this case it would be:

- name: Run CODEOWNERS validator
  uses: mszostok/codeowners-validator@v0.7.4
  with:
    checks: "owners,duppatterns,syntax"
    owner_checker_owners_must_be_teams: "true"  # Disallow individual users as owners
  env:
    INPUT_GITHUB_APP_ID: ${{ secrets.REDACTED }}
    INPUT_GITHUB_APP_INSTALLATION_ID: ${{ secrets.REDACTED }}
    INPUT_GITHUB_APP_PRIVATE_KEY: ${{ secrets.REDACTED }}

However, I will adjust the documentation to make it more straight forward, to just copy-paste what needed.

Answer 2 · 2022-07-07T11:29:30.000Z

Let me know whether is more readable now :)
https://github.com/mszostok/codeowners-validator/blob/main/docs/gh-auth.md#github-app

Answer 3 · 2022-07-08T09:04:46.000Z

Thanks, @mszostok - the reason I was trying to use env vars was that the app authentication parameters weren't listed in action.yml. I see that you've addressed that in ccda6cc - are you intending to make a new release in the near future?

Answer 4 · 2022-07-12T20:47:17.000Z

Not sure about that as I want to release it with at least one new feature. However you can use it in that way without the release. You will just see the notice about missing props but the action will work properly 👍
See: https://github.com/GitHubCODEOWNERS/codeowners-samples/actions/runs/2655128900

Answer 5 · 2022-07-25T15:19:20.000Z

im having the similar issue, I configured the actions in this way:

    - uses: mszostok/codeowners-validator@v0.7.4
      with:
        github_app_id: 'REDACTED'
        github_app_installation_id: 'REDACTED'
        github_app_private_key: ${{ secrets.GH_APP_PRIVATE_KEY }}
        checks: "files,owners,duppatterns,syntax"
        experimental_checks: "notowned,avoid-shadowing"

and I got this output where action complains that documented required fields are not expected.

$ Run mszostok/codeowners-validator@v0.7.4
Warning: Unexpected input(s) 'github_app_id', 'github_app_installation_id', 'github_app_private_key', valid inputs are ['entryPoint', 'args', 'github_access_token', 'github_base_url', 'github_upload_url', 'experimental_checks', 'checks', 'repository_path', 'check_failure_level', 'not_owned_checker_skip_patterns', 'owner_checker_repository', 'owner_checker_ignored_owners', 'owner_checker_allow_unowned_patterns', 'owner_checker_owners_must_be_teams', 'not_owned_checker_subdirectories', 'not_owned_checker_trust_workspace']

am I missing something?

Answer 6 · 2022-07-25T15:21:18.000Z

Hi @iamstarkov,

For 0.7.4 you will see this warning. However, the validator will work properly, the warning will disappear in 0.7.5.

I will cut a new release this week 👍

Answer 7 · 2022-07-25T15:26:34.000Z

I wouldn't classify it as a warning, due to it failing the build haha.

@mszostok thank you

Answer 8 · 2022-07-25T15:27:29.000Z

@iamstarkov are you sure? I tested that and the build was not failing, see: https://github.com/GitHubCODEOWNERS/codeowners-samples/actions/runs/2655128900

Answer 9 · 2022-07-25T15:27:56.000Z

can you share your job execution?

Answer 10 · 2022-07-25T15:42:23.000Z

@mszostok nevermind, im a dumbass and forgot to add private key in secrets. thank you again for the help