[github actions] FINALLY fix the mysterious token error in github actions #142058
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
XilaiZhang
changed the title
XilaiZhang
changed the title
CaseyHillers
approved these changes
Jan 24, 2024
|
Why is this failing on Google testing? |
created b/322018010 earlier and passed it to current oncall. Yeah sorry I am aware that I have already declined a number of bugs outside my rotation recently, trying to catch up on projects at the moment |
XilaiZhang
added
the
autosubmit
engine-flutter-autoroll
added a commit
to engine-flutter-autoroll/packages
that referenced
this pull request
Jan 24, 2024
auto-submit bot
pushed a commit
to flutter/packages
that referenced
this pull request
Jan 24, 2024
flutter/flutter@5b673c2...19b06f4 2024-01-24 engine-flutter-autoroll@skia.org Roll Flutter Engine from 7c592dbfa032 to ba3a70ce7722 (2 revisions) (flutter/flutter#142130) 2024-01-24 engine-flutter-autoroll@skia.org Roll Flutter Engine from 700235c85d4a to 7c592dbfa032 (2 revisions) (flutter/flutter#142108) 2024-01-24 engine-flutter-autoroll@skia.org Roll Flutter Engine from da96f9de3f69 to 700235c85d4a (1 revision) (flutter/flutter#142100) 2024-01-24 engine-flutter-autoroll@skia.org Roll Flutter Engine from 220416cfa6ca to da96f9de3f69 (5 revisions) (flutter/flutter#142098) 2024-01-24 ybz975218925@gmail.com Don't change the height of the Textfield's labelStyle when it focused. (flutter/flutter#141943) 2024-01-24 polinach@google.com Ignore a leak. (flutter/flutter#141737) 2024-01-24 xilaizhang@google.com [github actions] FINALLY fix the mysterious token error in github actions (flutter/flutter#142058) 2024-01-24 jacksongardner@google.com Revert "Add abifilters to our gradle templates" (flutter/flutter#142089) 2024-01-23 engine-flutter-autoroll@skia.org Roll Flutter Engine from 0b9b538bd458 to 220416cfa6ca (2 revisions) (flutter/flutter#142079) 2024-01-23 34871572+gmackall@users.noreply.github.com Add abifilters to our gradle templates (flutter/flutter#135529) 2024-01-23 engine-flutter-autoroll@skia.org Roll Flutter Engine from 11a16d83ab6c to 0b9b538bd458 (2 revisions) (flutter/flutter#142076) 2024-01-23 49699333+dependabot[bot]@users.noreply.github.com Bump actions/upload-artifact from 4.2.0 to 4.3.0 (flutter/flutter#142075) 2024-01-23 andrewrkolos@gmail.com consolidate AssetBundle::entries and AssetBundle::entryKinds into a new type, `AssetBundleEntry` (flutter/flutter#142029) 2024-01-23 engine-flutter-autoroll@skia.org Roll Flutter Engine from 57d6b518f920 to 11a16d83ab6c (4 revisions) (flutter/flutter#142071) 2024-01-23 engine-flutter-autoroll@skia.org Roll Flutter Engine from 994054143fc3 to 57d6b518f920 (3 revisions) (flutter/flutter#142067) 2024-01-23 christopherfujino@gmail.com [flutter_tools] fix language_version_test and enable shuffle (flutter/flutter#142009) 2024-01-23 ian@hixie.ch Merge flutter_goldens_client into flutter_goldens (flutter/flutter#141900) 2024-01-23 chingjun@google.com Allow overriding the native assets yaml file in the resident runner. (flutter/flutter#142016) 2024-01-23 engine-flutter-autoroll@skia.org Roll Flutter Engine from b229878c57f5 to 994054143fc3 (1 revision) (flutter/flutter#142059) 2024-01-23 jhy03261997@gmail.com Update material banner maxScaleFactor to meet GAR requirement (flutter/flutter#142015) 2024-01-23 36861262+QuncCccccc@users.noreply.github.com Add tooltip for the clear button on `SearchAnchor`'s search view (flutter/flutter#141804) If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/flutter-packages Please CC bmparr@google.com,rmistry@google.com,stuartmorgan@google.com on the revert to ensure that a human is aware of the problem. To file a bug in Packages: https://github.com/flutter/flutter/issues/new/choose To report a problem with the AutoRoller itself, please file a bug: https://issues.skia.org/issues/new?component=1389291&template=1850622 Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
8 tasks
arc-yong
pushed a commit
to Arctuition/packages-arc
that referenced
this pull request
Jun 14, 2024
flutter/flutter@5b673c2...19b06f4 2024-01-24 engine-flutter-autoroll@skia.org Roll Flutter Engine from 7c592dbfa032 to ba3a70ce7722 (2 revisions) (flutter/flutter#142130) 2024-01-24 engine-flutter-autoroll@skia.org Roll Flutter Engine from 700235c85d4a to 7c592dbfa032 (2 revisions) (flutter/flutter#142108) 2024-01-24 engine-flutter-autoroll@skia.org Roll Flutter Engine from da96f9de3f69 to 700235c85d4a (1 revision) (flutter/flutter#142100) 2024-01-24 engine-flutter-autoroll@skia.org Roll Flutter Engine from 220416cfa6ca to da96f9de3f69 (5 revisions) (flutter/flutter#142098) 2024-01-24 ybz975218925@gmail.com Don't change the height of the Textfield's labelStyle when it focused. (flutter/flutter#141943) 2024-01-24 polinach@google.com Ignore a leak. (flutter/flutter#141737) 2024-01-24 xilaizhang@google.com [github actions] FINALLY fix the mysterious token error in github actions (flutter/flutter#142058) 2024-01-24 jacksongardner@google.com Revert "Add abifilters to our gradle templates" (flutter/flutter#142089) 2024-01-23 engine-flutter-autoroll@skia.org Roll Flutter Engine from 0b9b538bd458 to 220416cfa6ca (2 revisions) (flutter/flutter#142079) 2024-01-23 34871572+gmackall@users.noreply.github.com Add abifilters to our gradle templates (flutter/flutter#135529) 2024-01-23 engine-flutter-autoroll@skia.org Roll Flutter Engine from 11a16d83ab6c to 0b9b538bd458 (2 revisions) (flutter/flutter#142076) 2024-01-23 49699333+dependabot[bot]@users.noreply.github.com Bump actions/upload-artifact from 4.2.0 to 4.3.0 (flutter/flutter#142075) 2024-01-23 andrewrkolos@gmail.com consolidate AssetBundle::entries and AssetBundle::entryKinds into a new type, `AssetBundleEntry` (flutter/flutter#142029) 2024-01-23 engine-flutter-autoroll@skia.org Roll Flutter Engine from 57d6b518f920 to 11a16d83ab6c (4 revisions) (flutter/flutter#142071) 2024-01-23 engine-flutter-autoroll@skia.org Roll Flutter Engine from 994054143fc3 to 57d6b518f920 (3 revisions) (flutter/flutter#142067) 2024-01-23 christopherfujino@gmail.com [flutter_tools] fix language_version_test and enable shuffle (flutter/flutter#142009) 2024-01-23 ian@hixie.ch Merge flutter_goldens_client into flutter_goldens (flutter/flutter#141900) 2024-01-23 chingjun@google.com Allow overriding the native assets yaml file in the resident runner. (flutter/flutter#142016) 2024-01-23 engine-flutter-autoroll@skia.org Roll Flutter Engine from b229878c57f5 to 994054143fc3 (1 revision) (flutter/flutter#142059) 2024-01-23 jhy03261997@gmail.com Update material banner maxScaleFactor to meet GAR requirement (flutter/flutter#142015) 2024-01-23 36861262+QuncCccccc@users.noreply.github.com Add tooltip for the clear button on `SearchAnchor`'s search view (flutter/flutter#141804) If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/flutter-packages Please CC bmparr@google.com,rmistry@google.com,stuartmorgan@google.com on the revert to ensure that a human is aware of the problem. To file a bug in Packages: https://github.com/flutter/flutter/issues/new/choose To report a problem with the AutoRoller itself, please file a bug: https://issues.skia.org/issues/new?component=1389291&template=1850622 Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This should finally (with high confidence) fix #141980, the mysterious error where git push sometimes fail.
Root cause:
When a pull request merges onto flutter's master branch, it is actually a merge from a branch on a flutter contributor's repository, to flutter's repository. Therefore, the actor of the pull request event, is the user that opened the pull request. And this actor would not have write access to repo and therefore the repo secret resolves to empty.
Therefore running your pull_request workflow when a pull request merges doesn't work because even though we are not running our workflows on a forked repository, the actor of the pull_request event comes from a forked repository, and secrets are not passed to this actor.
The correct way is using pull_request_target event instead of pull_request event. In workflows triggered by this event, GITHUB_TOKEN is granted read/write repository permission unless the permissions key is specified and the workflow can access secrets, even when the actor of the workflow trigger comes from a fork.
Note that workflows of this event runs in the context of the base commit and not the merge commit. But this doesn't matter for our use case since we are good with using the actions file from the base commit in the pull request event.
Tested:
I was finally able to reproduce the error by:
reproduced error
previously I wasn't able to reproduce this error on my personal repo because the actors in my tests are the same user.
Also tested on my personal repo, following the steps mentioned above, that using the pull_request_event type fixes the error. succeeded run
The Debug Process:
spent quite a while looking at other things during debugging, but they turned out to be unrelated. things that we experimented with are workflow conditions, ssh setup, git push url, manual trigger, workflow env, secret setup, dependency on market place actions (actions/checkout and peter-evans/create-pullrequest)