Does not work with Github App Token

[runecalico]

Hello,

Thank you for your time working on this GHA.
The following line seems to have a problem when used with a Github Application Token.

gh-action--git-checkout/action.yml

Line 48 in b678e58

if git ls-remote -q --exit-code "https://${{ inputs.token }}@github.com/${{ inputs.repository }}" > /dev/null 2>&1; then

When using a token from a Github Application, the if/then will result in false, setting is-repo-exists-and-has-ref to false.

If you use oauth2: or : as the value of inputs.token the check will work as expected in my case, resulting in a true result, setting is-repo-exists-and-has-ref to true.

Unfortunately, checkout/v3 DOES work with a Github Application Token - https://github.com/andry81-devops/gh-action--git-checkout/blob/master/action.yml#L67

So the workaround for the git ls-remote causes a failure with checkout/v3 :(

I do not know if you can use the oauth2: syntax when using a PAT token.

The second possible problem is that the command is not actually checking the ref input.

The command to do so should be git ls-remote -q --exit-code "https://${{ inputs.token }}@github.com/${{ inputs.repository }}" ${{ inputs.ref }} > /dev/null 2>&1

Thank you for your time.

[andry81]

I do not know if you can use the oauth2: syntax when using a PAT token.

I had never being tested the oauth2. Only the PAT have used: https://github.com/settings/tokens

The oauth2 has a different link: https://github.com/settings/developers

The command to do so should be git ls-remote -q --exit-code "https://${{ inputs.token }}@github.com/${{ inputs.repository }}" ${{ inputs.ref }} > /dev/null 2>&1

Thank you for the issue. I will fix that later.

[runecalico]

The issue I am having is that if I use the GitHub Application token as the input value token in the action, the git ls-remote check will set is-repo-exists-and-has-ref to false, which will skip the actions/checkout@v3 step and instead run "init" and setup a "new" repository. This is a problem when https://github.com/andry81-devops/gh-action--accum-gh-stats tries to push changes back to github.
If I send "oauth2:${{ steps.get_workflow_token.outputs.token }}" or "my-github-app-name:${{ steps.get_workflow_token.outputs.token }}" as the value of token in the action, the git ls-remote works as expected, however actions/checkout@v3 does not.

A quick test using my GitHub account seems to indicate that both a PAT and GitHub Application Token will work with the "oauth2:" syntax, or at least it worked for me :)

[andry81]

@runecalico can you recheck the issue?

[andry81]

@runecalico

A quick test using my GitHub account seems to indicate that both a PAT and GitHub Application Token will work with the "oauth2:" syntax, or at least it worked for me :)

I've tested your command line and it works whenever you are using oauth2, oauth with ghp_*, without or with random key.
This is expected because you are trying to use a public repo which is opened for reading at any case. The token is required for a private repo.