New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Data source github_actions_public_key returns a 404 #667
Comments
We have a same/similar issue:
|
github_actions_public_key data source is failing because my github organization requires SAML auth: 404/Not Found when sending requests without SSO Auth Token as header:
Successful response when providing an SSO-enabled Github Personal Access Token (PAT) as an Authorization header.
There is no way I can see using to authenticate to Github organizations requiring SAML auth in the -- Alternate question, I possess the public key value which the github_actions_public_key data source wishes to retrieve. Am I able to set this variable in TF so the |
Migrating to |
I was able to solve this by setting these ENV variables. |
tried everything in this thread, nothing work. actions/secrets/public-key: 404 Not Found [] |
Debug with curl first: https://docs.github.com/en/rest/actions/secrets#get-a-repository-public-key Verifications:
With these steps you should be able to solve it 🥳 |
Your PAT token needs to have the |
hey all; after combing through the different replies here, and trying a bunch of different things, I simplest way I could get this to work is to leave the
There are, ofc, different ways to achieve this, but I just wanted to leave this as a one-line copy/paste-able workaround to this problem. hope it helps others until the underlying issue is fixed. |
just found out that there may be a typo in the terraform provider. Terraform reports an error: |
I can confirm @paullatzelsperger's observation:
|
from what I can tell, https://github.com/integrations/terraform-provider-github/blob/main/vendor/github.com/google/go-github/v48/github/actions_secrets.go#L51 concatenates the provided URL with the base URL and adds a separating |
... no, sorry, if the |
Hi, is there a work around for this as I am getting the double slash in my get request url when using the github_actions_secret resource and I've not found a way to fix it. I can swear that I had this working yesterday but I changed my terraform module structure and now there's a double slash there :( |
I got this working with the following configuration: Configure a fine-grained PAT with GitHub Actions Workflow:
main.tf
secret.tf
Note:
Unfortunately, there doesn't seem to be a way to assign |
Any ETA on a provider fix here? |
@enchorb the issue being discussed here is almost always indicative of an authentication issue: either auth is not passed to the Terraform module correctly (using env vars with a PAT tends to be the approach most find success with) or else the token does not have proper permissions. Ideally, we'd have a better error message for this when we can see we have no auth or user configured in such operations (contributions are appreciated!). |
The following curl request works for me (fine-grained token with
Response (redacted):
This is the error message I receive when using TF provider:
So, I tried to use this URL with the same token and it didn't work:
Response:
Therefore, it's not a token issue since the token is the same in both cases Note the differences between URLs:
I've tried different combinations with TF config:
Vars
It does look like an error in the provider, tbh. |
Based on the @iskarconsulting config (huge thanks!), I believe the following causes the 404 error: Full solution:
PAT: Fine-grained with It would be nice to know if there are terms/names for "REPO" and "OWNER/REPO" (e.g. repository vs full_repository_name)? It's been always confusing to me when to use which... |
The Github provider has a very peculiar behavior when it comes to how the URL is built and it is not documented. Basically there are two cases you are dealing with,
Summary: |
@maulik13 That is excellent information. Would you be receptive to creating a PR for our docs to describe this behavior? Ideally, we'd make this more consistent across the provider, but that would likely be a breaking change to work up towards with a deprecation notice. |
I looked at @jackton1's solution and realised that my permission settings were different. I had been using a Fine-grained-token (beta) PAT. So I generated a Token (classic) PAT and set the permission as per Jackson's solution and this worked 🎉 ! This could mean the module doesn't work with the fine-grained "beta" tokens... |
I did an experiment and tried to give a Fine-grained token full / super admin permissions (i.e. with full rights to everything). I ended up back where I was i.e. the error being experienced in this forum reoccured, that tells me you need to use the Classic Token (with the correct permissions) and it doesn't work with the Fine Grained Token (for some reason 🤷 ). |
Terraform Version
Terraform 0.13.6
Affected Resource(s)
Terraform Configuration Files
Provider configuration:
Debug Output
https://gist.github.com/amogram/a937c1f0d83ec8dee2a390ed8fdcecf6
Panic Output
Expected Behavior
The data source should retrieve information about a GitHub Actions public key.
Actual Behavior
The call returns a 404. The makeup of the GET request doesn't appear to be correct. It seems to be missing the organization name.
It appears to be a similar issue to #655 and what is discussed here: #652 (comment)
Steps to Reproduce
Please list the steps required to reproduce the issue, for example:
terraform plan
.Important Factoids
References
It appears to be a similar issue to #655 and what is discussed here: #652 (comment)
The text was updated successfully, but these errors were encountered: