Private repository submodule sync failed.

[socar-baegoon]

• yml setting.

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
      with:
        ref: develop
        submodules: true

• actions log
  

Please fix it. 🙏

[TingluoHuang]

@socar-baegoon did you configure your submodule via ssh? can you try configure your submodule using https://github.com/org/repo format?

[elan]

Tried that and it didn't work.

Cloning into '/home/runner/work/xxx/xxx/player'...
remote: Repository not found.
fatal: repository 'https://github.com/yyy/zzz/' not found

[socar-baegoon]

@socar-baegoon did you configure your submodule via ssh? can you try configure your submodule using https://github.com/org/repo format?

This issue occurs not because of ssh, but because of private repository.
submodule is in the same owner's repository, but the issue occurs. 😢

[elan]

(In my case it's a different owner—org vs personal—but still can't make it work. All are private repos.)

[maxilevi]

This is happening to me too. I've tried setting the token input but it didn't work either.

[TingluoHuang]

@maxilevi have your try set token to be your PAT? the default GITHUB_TOKEN might not have permission to your submodules repo.

[maxilevi]

@TingluoHuang Yes, I've created a new PAT with full repo access and added it as a secret to the repository. Then I called the action this way:

- uses: actions/checkout@v1
   with:
      token: ${{ secrets.HEDRA_CI }}
      submodules: true

And it fails with the following error (same as the other guys):

Host key verification failed.
##[error]fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
##[error]fatal: clone of 'git@github.com:maxilevi/zzz.git' into submodule path 'D:/a/yyy/zzz' failed
Failed to clone 'zzz'. Retry scheduled

[TingluoHuang]

@maxilevi your submodules are configured via ssh, can you try add them as https?

[maxilevi]

@TingluoHuang Thank you, it works now. Any plans on supporting ssh?

[socar-baegoon]

@socar-baegoon did you configure your submodule via ssh? can you try configure your submodule using https://github.com/org/repo format?

Thank you! It works!

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
      with:
        ref: develop
        token: ${{ secrets.BAEGOON_TOKEN }}
        submodules: true

[submodule "subprojects/protocol/src/main/proto"]
	path = subprojects/protocol/src/main/proto
	url = https://github.com/owner/protocol.git

[socar-baegoon]

I will close this issue.
Thank you for everybody help. ❤️

[joeshaw]

I ran into this same issue and made a slightly different tweak. As part of my workflow I use .gitconfig to tweak the URLs. That way I don't have to switch from using the git protocol to https in my .gitmodules file and affect my development setup.

As my first step in my YAML file, before running actions/checkout with submodules: true:

    - name: Fix up git URLs
      run: echo -e '[url "https://github.com/"]\n  insteadOf = "git@github.com:"' >> ~/.gitconfig

@TingluoHuang I feel like this issue should be reopened if it's not the desired behavior, and if it is I think it needs to be better documented. I can open another issue if that is desirable.

[TingluoHuang]

@joeshaw i am in the process of documenting all these problems.

[jinzishuai]

Hi there, I am having exactly the same issue here.
Although my submodule is configured to use https

All submodules are authenticated using the same credentials so I wonder why GITHUB_TOKEN does not work.

[socar-baegoon]

@jinzishuai

Hi there, I am having exactly the same issue here.
Although my submodule is configured to use https

All submodules are authenticated using the same credentials so I wonder why GITHUB_TOKEN does not work.

Please refer to this link.
#14 (comment)

and please use this link to create a token.
https://help.github.com/en/articles/creating-a-personal-access-token-for-the-command-line

[jinzishuai]

Please refer to this link.
#14 (comment)

and please use this link to create a token.
https://help.github.com/en/articles/creating-a-personal-access-token-for-the-command-line

@socar-baegoon Thank you. I got it working following your instructions.

[sunt05]

@socar-baegoon did you configure your submodule via ssh? can you try configure your submodule using https://github.com/org/repo format?

Thank you! It works!

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
      with:
        ref: develop
        token: ${{ secrets.BAEGOON_TOKEN }}
        submodules: true

[submodule "subprojects/protocol/src/main/proto"]
	path = subprojects/protocol/src/main/proto
	url = https://github.com/owner/protocol.git

This should be added into the manual page.

[rcoup]

If this helps anyone, this is working for me:

• using a/the github token
• to clone a URL accessed via git@github.com/user/repo.git (maybe via submodules/homebrew/a script/something else)
• in GH actions
• with runs-on: [macOS-latest]

# disable the keychain credential helper
git config --global credential.helper ""
# enable the local store credential helper
git config --global --add credential.helper store
# add credential
echo "https://x-access-token:${{ secrets.A_TOKEN }}@github.com" >> ~/.git-credentials
# tell git to use https instead of ssh whenever it encounters it
git config --global url."https://github.com/".insteadof git@github.com:
# do something
git clone git@github.com:user/repo.git

[MaEtUgR]

Big thanks to @rcoup for sharing the solution. I used it directly in the yml. Had to be careful because of the colon:

steps:
- uses: actions/checkout@v1 # without submodules
- name: disable the keychain credential helper
  run: git config --global credential.helper ""
- name: enable the local store credential helper
  run: git config --global --add credential.helper store
- name: add credential
  run: echo "https://x-access-token:${{ secrets.SUBMODULE_CLONE_TOKEN }}@github.com" >> ~/.git-credentials
- name: tell git to use https instead of ssh whenever it encounters it
  run: 'git config --global url."https://github.com/".insteadof git@github.com:'
- name: do smoething
  run: {that updates submodules}

[trusktr]

@joeshaw I'm having no luck with your approach.

I made a personal access token with the scope public_repo, then in my repo that has the submodules I created a secret called ACCESS_TOKEN and pasted the token in there.

This is what I have in my yaml file:

name: Node CI

on: [push]

jobs:
  build:

    runs-on: ubuntu-latest

    strategy:
      matrix:
        node-version: [13.x]

    steps:
    - run: echo -e '[url "https://github.com/"]\n  insteadOf = "git@github.com:"' >> ~/.gitconfig

    # I verified that the output looks fine
    - run: cat ~/.gitconfig

    - uses: actions/checkout@v1
      with:
        submodules: 'recursive'
        token: ${{ secrets.ACCESS_TOKEN }}

    - name: Use Node.js ${{ matrix.node-version }}
      uses: actions/setup-node@v1
      with:
        node-version: ${{ matrix.node-version }}
    - name: npm install, build, and test
      run: |
        npm i
        npm test
      env:
        CI: true

which results in the same errors as others above:

Host key verification failed.
##[error]fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
##[error]fatal: clone of 'git@bitbucket.org:infamous/element.git' into submodule path '/home/runner/work/umbrella/umbrella/packages/element' failed
Failed to clone 'packages/element'. Retry scheduled

Did I do something obviously wrong?

---

EDIT: I gave up, and converted all my git submodule URLs to https format inside .gitmodules. That worked fine.

[joeshaw]

@trusktr look carefully at your error message. It’s failing to pull from bitbucket, not github. You’ll need a similar insteadOf for it.

[h1manshug]

@socar-baegoon did you configure your submodule via ssh? can you try configure your submodule using https://github.com/org/repo format?

Thank you! It works!

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
      with:
        ref: develop
        token: ${{ secrets.BAEGOON_TOKEN }}
        submodules: true

[submodule "subprojects/protocol/src/main/proto"]
	path = subprojects/protocol/src/main/proto
	url = https://github.com/owner/protocol.git

Not working for me

[socar-baegoon]

@socar-baegoon did you configure your submodule via ssh? can you try configure your submodule using https://github.com/org/repo format?

Thank you! It works!

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
      with:
        ref: develop
        token: ${{ secrets.BAEGOON_TOKEN }}
        submodules: true

[submodule "subprojects/protocol/src/main/proto"]
	path = subprojects/protocol/src/main/proto
	url = https://github.com/owner/protocol.git

Not working for me

This solution was a year ago.
I don't use submodules anymore.
If you continue to have difficulties, I recommend you to package and use the module.
Very easy!!! (https://docs.github.com/en/packages)

Good luck 👍

[killthekitten]

@h1manshug using ssh-key would be another option:

jobs:
  tests:
    steps:      
      - uses: actions/checkout@master
        with:
          ssh-key: ${{ secrets.CI_SSH_PRIVATE_KEY }}
          submodules: true

You might want to create a machine user to hold the ssh key for you.

[xli140602]

this way the workflow can switch between https and ssh

[submodule "subprojects/protocol/src/main/proto"]
	path = subprojects/protocol/src/main/proto
	url = git@github.com:owner/protocol.git

[lencshu]

it works for me as a solution 2023:

      - name: Checkout repository
        uses: actions/checkout@v2
        with:
          submodules: 'recursive'
          token: ${{ secrets.SUBMODULE_GITHUB_TOKEN }}

[levifussell]

@lencshu's solution worked for me. Created the access token on my personal repo, made sure to give it full read/write persmissions.