-
Notifications
You must be signed in to change notification settings - Fork 54
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Provided authentication credentials not taken into account when checking for open issues #17
Comments
I assume this is due to the fact that the runner could not read the previous report and executing the create new issue workflow. I'll check and update you on this. Line 133 in 08af42e
|
Hi @hazcod, I assume this is an isolated event, as the new scans (for 2 days) did not create a new issue: ironpeakservices/ironpeak.be#42 I will add more logs to figure out what went wrong. |
Hi
it is not able to find existing open issue. Probably because of : Since we are using PAT token it creates issue with another username in previous runs and username is verified as above it fails to get issue. @sshniro any suggestions how to workaround this or fixes coming for this. maybe token can be used to identify user used for zap scan / issue creation and then verify that user in actions-common. |
Quoted message
probably this can be used:
https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#get-the-authenticated-user |
Check the username of the authenticated user instead of always GitHub Actions' bot to match the expected user, otherwise the issue would not be found and it would be created a new one each time. Part of zaproxy/action-baseline#17. Signed-off-by: thc202 <thc202@gmail.com>
Check the username of the authenticated user instead of always GitHub Actions' bot to match the expected user, otherwise the issue would not be found and it would be created a new one each time. Part of zaproxy/action-baseline#17. Signed-off-by: thc202 <thc202@gmail.com>
Check the username of the authenticated user instead of always GitHub Actions' bot to match the expected user, otherwise the issue would not be found and it would be created a new one each time. Part of zaproxy/action-baseline#17. Signed-off-by: thc202 <thc202@gmail.com>
Update `actions-common-scans` to latest version to fix zaproxy#17. Update changelog and readme for release. Signed-off-by: thc202 <thc202@gmail.com>
Thanks so much! |
https://github.com/ironPeakServices/ironpeak.be/runs/578941295?check_suite_focus=true
The text was updated successfully, but these errors were encountered: