Submodules from private repositories

[chorrell]

Apologies if this has already come up...I haven't been able to find an answer to this.

I'm attempting to setup Actions for a private GitHub repo. The repo pulls in two submodules, each of which are also private GitHub repos. My Action fails on checkout with ##[error]fatal: Could not read from remote repository.

How do I configure the checkout action with the right credentials to pull in these private submodules?

This is what I currently have for the checkout step as a starting point:

    - uses: actions/checkout@v1
      with:
        submodules: true

[thorker]

I think u need #14

- uses: actions/checkout@v1
   with:
        submodules: true
        token: ${{ secrets.CI_TOKEN }}

CI_TOKEN is a workflow secret & a personal access token, u can configure in the settings section.

[chorrell]

Oh! Perfect thanks, that solved my issue :)

[bernardolm]

You can use too:

    - name: Fix up git URLs
      run: |
        git config --global --add url."https://${{ secrets.GITHUB_SECRET }}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
        git config --global --add url."https://${{ secrets.GITHUB_SECRET }}:x-oauth-basic@github.com/".insteadOf "git@github.com:"

[amezick]

If you are using 2fa or SAML don't forgot to enable SSO on your TOKEN from within your account settings.

[inv-kunal-bansal]

can we just use the GITHUB_TOKEN instead of the workflow secret. It should also have read permissions for the repository in the submodule right?

[DFU398]

can we just use the GITHUB_TOKEN instead of the workflow secret. It should also have read permissions for the repository in the submodule right?

Tried that, doesn't work for me.
https://docs.github.com/en/actions/security-guides/automatic-token-authentication says "The token's permissions are limited to the repository that contains your workflow", so the reason it doesn't work is probably because the GITHUB_TOKEN doesn't have read permissions for the submodules repositories