Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Question] Write Permission check #20

Closed
julienloizelet opened this issue Jan 16, 2024 · 4 comments
Closed

[Question] Write Permission check #20

julienloizelet opened this issue Jan 16, 2024 · 4 comments
Labels
bug Something isn't working

Comments

@julienloizelet
Copy link

julienloizelet commented Jan 16, 2024
edited
Loading

Hi,

First, thanks for this very useful action.

Then, a few remarks:

since the release 1.2.0 (including this commit ), almost all my Keep Alive workflows no longer work because I protect the main branch on almost all my projects.

I guess I can solve it by setting auto_write_check to false (did no test yet, am I right ?).

Setting the default value of auto_write_check to true is a kind of breaking change for me, and I would have prefer a @v2 maybe (or still a @v1 if the default value is false).

Finally, my question is:

Is it normal that, even if we set explicitly the write permission in the workflow, the Keep alive step will throw an error ?

For example,

I'm using this generic action :

name: Keep Alive
on:

 schedule:
    - cron: '0 0 * * *'

permissions:
  contents: write

jobs:
  keep-alive:

    name: Keep Alive
    runs-on: ubuntu-latest

    steps:

      - name: Clone project files
        uses: actions/checkout@v3

      # keepalive-workflow adds a dummy commit if there's no other action here, keeps
      # GitHub from turning off tests after 60 days
      - uses: gautamkrishnar/keepalive-workflow@v1
        with:
          commit_message: "chore(*): Automated commit to keep the repository active"
          time_elapsed: 55

And it fails (because I protected the main branch) even if there is the permissions:contents: write directive.

Thanks
@julienloizelet julienloizelet mentioned this issue Jan 16, 2024
Closed
@tedmiston
Copy link

Same issue here. This set off pager alerts and broke my workflows. Rolling back to the unbroken version for now.

@gautamkrishnar
Copy link
Owner

gautamkrishnar commented Jan 16, 2024
edited
Loading

Oh, this makes sense, i thought setting it to true as default would be better. Will make it false instead. Thanks for the heads up.

@gautamkrishnar gautamkrishnar added the bug Something isn't working label Jan 16, 2024
gautamkrishnar added a commit that referenced this issue Jan 16, 2024
@gautamkrishnar
setting default as false in v3, ref: #20
dcf0eb1
@gautamkrishnar
Copy link
Owner

Just fixed the code and released an update that fixes the broken jobs. you guys can continue using the working gautamkrishnar/keepalive-workflow@v1 version now. I will create a v2 version that has the new defaults later.

@gautamkrishnar
Copy link
Owner

@tedmiston for your question Is it normal that, even if we set explicitly the write permission in the workflow, the Keep alive step will throw an error ? I am planning to add an additional check if the token has the right permissions in the future. Currently the github API has some bugs, so I am unable to implement it.

@tyler36 tyler36 mentioned this issue Jan 23, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tedmiston @gautamkrishnar @julienloizelet