Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add example to TROUBLESHOOTING.md #260

Closed
bseib opened this issue Feb 5, 2023 · 3 comments · Fixed by #262
Closed

Add example to TROUBLESHOOTING.md #260

bseib opened this issue Feb 5, 2023 · 3 comments · Fixed by #262
Labels
enhancement New feature or request

Comments

@bseib
Copy link
Contributor

bseib commented Feb 5, 2023

TL;DR

The following would be a good addition to your checklist of things to check when things are not working. In spite of reading the docs and following instructions, I still managed to miss adding the following to my workflow yaml file:

    # Add "id-token" with the intended permissions.
    # See: https://github.com/google-github-actions/auth#usage
    permissions:
      contents: 'read'
      id-token: 'write'

The error message for this situation begins with: "Error: google-github-actions/auth failed with: retry function failed after 1 attempt"

The first day of doing something new and getting things working is the most vulnerable time for missing tiny things, and spending hours tracking it down. This would be helpful for those people. 😄

Detailed design

No response

Additional information

No response
@bseib bseib added the enhancement New feature or request label Feb 5, 2023
@github-actions
Copy link

github-actions bot commented Feb 5, 2023

Hi there @bseib 👋!

Thank you for opening an issue. Our team will triage this as soon as we can. Please take a moment to review the troubleshooting steps which lists common error messages and their resolution steps.

@sethvargo
Copy link
Member

Hi @bseib

The full error message should be:

Error: google-github-actions/auth failed with: retry function failed after 1 attempt: gitHub Actions did not inject $ACTIONS_ID_TOKEN_REQUEST_TOKEN or $ACTIONS_ID_TOKEN_REQUEST_URL into this job. This most likely means the GitHub Actions workflow permissions are incorrect, or this job is being run from a fork. For more information, please see https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token

And that links directly to GitHub's documentation. What additional troubleshooting information are you looking for?

@bseib
Copy link
Contributor Author

bseib commented Feb 6, 2023

Hey Seth, thanks for your help. This is what I wish I saw in the troubleshooting checklist:

image

And here's the PR for that suggestion: #262

It is simply another case that leads you to that error. And when I followed the troubleshooting checklist, if would have been super helpful to have found the solution there.

@sethvargo sethvargo mentioned this issue Feb 7, 2023
Merged
sethvargo pushed a commit that referenced this issue Feb 21, 2023
@bseib
Updated troubleshooting to add permissions example (#262)
483e21d 
<!--
Thank you for proposing a pull request! Please note that SOME TESTS WILL
LIKELY FAIL due to how GitHub exposes secrets in Pull Requests from
forks.
Someone from the team will review your Pull Request and respond.

Please describe your change and any implementation details below.
-->

Added another case that can cause `auth` to fail, helpful to users on
day one of using the tool and trying to understand what's happening.

Fixes
#260 (comment)
MrOrz added a commit to cofacts/rumors-api that referenced this issue Jun 25, 2023
@MrOrz
fix(ci.yml): add permissions
88b5f35 
Reference: google-github-actions/auth#260 (comment)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Updated troubleshooting to add permissions example bseib/auth
2 participants
@sethvargo @bseib