Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Errors when using private fork #627

Closed
tomconte opened this issue Mar 28, 2023 · 1 comment
Closed

Errors when using private fork #627

tomconte opened this issue Mar 28, 2023 · 1 comment
Labels
stale

Comments

@tomconte
Copy link

tomconte commented Mar 28, 2023
edited

Hi all,

We tried using this GitHub action in the following context: private target repo in an organization, private fork in a user repo.

We got the following errors:

Error: This action does not have permission to create annotations on forks. You may want to run it only on `pull_request_target` events with checks permissions set to write. See https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions#permissions for details.
Adding "xxx/platformops-agile-plant-accelerator" fork as remote with Git
Fetching remote branch "jvl/blob-sdk"
remote: Repository not found.
fatal: repository 'https://github.com/xxx/platformops-agile-plant-accelerator.git/' not found
Error: Command failed: git fetch --no-tags --depth=1 fork jvl/blob-sdk
remote: Repository not found.
fatal: repository 'https://github.com/xxx/platformops-agile-plant-accelerator.git/' not found

Here is my understanding of the issues:

Error 1: Error: This action does not have permission to create annotations on forks.

The cause: as described in the action's Limitations section in the README, workflows triggered from forks have read-only capability on the target repo, for security reasons. This means also that they cannot add annotations to the code.

In our case, because we are using private repos, and we have checked the option "Send write tokens to workflows from fork pull requests.", it is possible that this error message is incorrect, and that annotations would work.

I checked the GITHUB_TOKEN permissions and it has "write" for everything, so I think this first error message should just be ignored in our case, correct?

Could the action check the actual permissions to verify the situation, before emitting this message?

Error 2: Error: Command failed: git fetch

The cause here is that our fork is private, and the workflow running in the target repo does not have permissions to fetch it.

I have two questions here:

  1. If we don't want to use auto-fix, which is the default, is there a reason to fetch the branch from the remote?
  2. Is there a way we could allow the action to fetch the private fork?

Thanks!
@github-actions
Copy link
Contributor

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale label Apr 13, 2023
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Apr 18, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 28, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tomconte