Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Credential Conflict #132

Closed
JamesIves opened this issue Jan 5, 2020 · 3 comments
Closed

Credential Conflict #132

JamesIves opened this issue Jan 5, 2020 · 3 comments

Comments

@JamesIves
Copy link

JamesIves commented Jan 5, 2020
edited

I have an action that deploys to GitHub pages using either an access token or the built in actions Github token. Due to an existing issue the page build will always fail if the GitHub token is used instead of the access token, therefore in my action I advise users to use an access token for their credentials.

The problem I'm experiencing is when using actions/checkout@v2 instead of actions/checkout@v1 and I believe it's due to how the Github token gets persisted in the workspace.

I've tried the following configuration setup and it works, but it doesn't seem to actually clear the Github token credentials used for the checkout until after my action runs, meaning that the page build will fail when the user runs it.

  
name: Build and Deploy
on: [push]
jobs:  
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        
      - name: Install
        run: |
          npm install
          npm run-script build

      - name: Build and Deploy
        uses: JamesIves/github-pages-deploy-action@releases/v3
        with:
          ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN }}
          BRANCH: gh-pages
          FOLDER: build

image

As you can see here it's pushing to the full repository URL, but I'm guessing whatever is in the global configuration is causing this to not be paid attention to: https://github.com/JamesIves/github-pages-deploy-action/blob/dev/src/git.ts#L151-L154

I can change my configuration to the following and it will work, but it's not ideal as I doubt this will be obvious to the user that this needs to happen even after updating my README.

  
name: Build and Deploy
on: [push]
jobs:  
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        with:
          token: ${{ secrets.ACCESS_TOKEN }}
        
      - name: Install
        run: |
          npm install
          npm run-script build

      - name: Build and Deploy
        uses: JamesIves/github-pages-deploy-action@releases/v3
        with:
          ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN }}
          BRANCH: gh-pages
          FOLDER: build

I've also tried using persist_credentials: false which feels like what I'd need, but the same post-job cleanup occurs instead of it occurring right after the checkout action complete. If this option did work I'd prefer this was defaulted to false as it conflicts with other actions that perform git commands.
@JamesIves JamesIves mentioned this issue Jan 6, 2020
Closed
@JamesIves
Copy link
Author

JamesIves commented Jan 14, 2020
edited

Still having this issue with persist_credentials not really doing anything. Am I using this incorrectly or misunderstanding its use?

- name: Checkout
   uses: actions/checkout@v2
   with:
     persist_credentials: false

@ericsciple
Copy link
Contributor

@JamesIves should be persist-credentials (hyphen not underscore)

@JamesIves
Copy link
Author

I need my eyes checked lol

Thanks, that works! I will update my documentation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@JamesIves @ericsciple