getsentry / action-github-app-token Goto Github PK

Environment

How do you use Sentry?
Sentry SaaS (sentry.io) or self-hosted/on-premise (which version?)

Which SDK and version?
e.g: JavaScript 5.11.1, .NET 1.2.0

Steps to Reproduce

1. What
2. you
3. did.

Expected Result

What you thought would happen.

Actual Result

What actually happened. Maybe a screenshot/recording? Maybe some logs?

Node.js 16 actions are deprecated. Please update action-github-app-token to use Node.js 20.

For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.

Environment

N/A

Steps to Reproduce

1. Create an app, produce a private key
2. Forget to install it
3. Run a workflow that uses this step

Expected Result

An error message stating that no installations were found.

Actual Result

The error occurs because

Hi! This action is exactly what I need, thank you for creating and publishing it!

I see the link for the GitHub marketplace is returning not found, and there has been a dependency update since the v1 tag was published.

One question, and one request 😺

1. Please would you publish a new release tag?
2. Is it intentional that this is not published in GitHub Actions Marketplace? Not sure whether that was deliberate or accidental, and figured I should ask before using this.

Thank you 👍

I want to use the latest version including #6 .

#6 has been merged main branch, however build module such index.js is not included #6.

Would you create and publish the latest version?

Hello,

There is an MIT license designation in the project's package.json, but this alone can be considered ambiguous or insufficient for organizations that are concerned about copyright laws.

A full license document would be preferable so that the full details and terms can be made clear. Can you please add one?

Thanks!

The error message Error: Cannot read properties of undefined (reading 'id') isn't very descriptive. I looked into this action's source code and realized that the app wasn't properly installed to the repo so this line throws:

Overview

Inspired by tibdex/github-app-token, I propose that a permissions input is added to be able to configure a desired subset of permissions that should be issued to the token.

Example Usage

- uses: getsentry/action-github-app-token@v2
  with:
    app_id: ${{ secrets.APP_ID }}
    private_key: ${{ secrets.APP_PRIVATE_KEY }}
    permissions: |
      {"contents": "read"}

Implementation

Per octokit/auth-app.js, it appears that a permissions argument can be specified to the appOctokit.auth call. I believe having a permissions input that is a JSON map of desired permissions would be the easiest adoption of this function.

Environment

What version are you running? Etc.

Steps to Reproduce

Node.js 12 actions are deprecated. For more information see: https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/. Please update the following actions to use Node.js 16: getsentry/action-github-app-token

Expected Result

What you thought would happen.

Actual Result

What actually happened. Maybe a screenshot/recording? Maybe some logs?

Steps to Reproduce

1. Create GitHub App
2. Install the App on a repository
3. Install the App on a second repository ("number-two")
4. Add app ID and private key to repo "number-two" secrets
5. Add workflow that uses this action with those secrets to get an access token and uses it to perform an action on the "number-two" repository (e.g. create a deployment)

Expected Result

Access token works on the "number-two" repository

Actual Result

API returns 404 error because the access token does not have permissions on the "number-two" repository.

This is because this action returns a semi-random installation's token.
It does not look at the Actions environment to get the current repository, or have inputs to determine which repository should be set.

The input scope looks at the installation information, apparently to match on who installed the app, which seems to be a very limited way to match the app.

For an example Action that does this correctly, see https://github.com/tibdex/github-app-token

Could you please add a "v2" tag pointing to the latest "v2" version as you have with "v1"?

This will allow us to keep the version tag in our workflows constant as we pick up enhancements/fixes on the major version.

Environment

getsentry/action-github-app-token@v3

Steps to Reproduce

1. Create a workflow
2. Run it
3. Unable to resolve action getsentry/action-github-app-token@v3, unable to find version v3

Expected Result

No such error happens.

Actual Result

2024-02-02T08:29:43.4845300Z Requested labels: ubuntu-latest
2024-02-02T08:29:43.4845578Z Job defined at: kyanny/didactic-telegram/.github/workflows/blank.yml@refs/heads/main
2024-02-02T08:29:43.4845726Z Waiting for a runner to pick up this job...
2024-02-02T08:29:44.0233056Z Job is waiting for a hosted runner to come online.
2024-02-02T08:29:47.3523742Z Job is about to start running on the hosted runner: GitHub Actions 24 (hosted)
2024-02-02T08:29:49.1220089Z Current runner version: '2.312.0'
2024-02-02T08:29:49.1247090Z ##[group]Operating System
2024-02-02T08:29:49.1247940Z Ubuntu
2024-02-02T08:29:49.1248565Z 22.04.3
2024-02-02T08:29:49.1249098Z LTS
2024-02-02T08:29:49.1249703Z ##[endgroup]
2024-02-02T08:29:49.1250331Z ##[group]Runner Image
2024-02-02T08:29:49.1250989Z Image: ubuntu-22.04
2024-02-02T08:29:49.1251652Z Version: 20240126.1.0
2024-02-02T08:29:49.1252954Z Included Software: https://github.com/actions/runner-images/blob/ubuntu22/20240126.1/images/ubuntu/Ubuntu2204-Readme.md
2024-02-02T08:29:49.1254705Z Image Release: https://github.com/actions/runner-images/releases/tag/ubuntu22%2F20240126.1
2024-02-02T08:29:49.1255846Z ##[endgroup]
2024-02-02T08:29:49.1256465Z ##[group]Runner Image Provisioner
2024-02-02T08:29:49.1257266Z 2.0.341.1
2024-02-02T08:29:49.1257868Z ##[endgroup]
2024-02-02T08:29:49.1259153Z ##[group]GITHUB_TOKEN Permissions
2024-02-02T08:29:49.1260989Z Contents: read
2024-02-02T08:29:49.1261731Z Metadata: read
2024-02-02T08:29:49.1262556Z Packages: read
2024-02-02T08:29:49.1263254Z ##[endgroup]
2024-02-02T08:29:49.1266445Z Secret source: Actions
2024-02-02T08:29:49.1267367Z Prepare workflow directory
2024-02-02T08:29:49.1889460Z Prepare all required actions
2024-02-02T08:29:49.2045501Z Getting action download info
2024-02-02T08:29:49.4361635Z ##[error]Unable to resolve action `getsentry/action-github-app-token@v3`, unable to find version `v3`

Environment

v2.0.0

Steps to Reproduce

1. Using self-hosted runner (based on Ubuntu 22.04) tried to run the action to get Github API key.
2. It failed with that error.

Expected Result

It would work

Actual Result

Errored out.
Ref: https://github.com/samipsolutions/helm-charts/actions/runs/3393940272/jobs/5641874983

Something else to add?

Probably related: nodejs/node#43132

Context

GitHub Actions: Deprecating save-state and set-output commands

Environment

GitHub-hosted runner, ubuntu-20.04 Version 20221002.2

Steps to Reproduce

1. Use this action in workflow

Expected Result

Action runs without warning.

Actual Result

Action gives deprecation warning.