Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

support: Cannot push to protected branches using Enterprise TOKEN #1077

Open
3 tasks done
navachaitanyak opened this issue May 9, 2024 · 3 comments
Open
3 tasks done
Assignees
Labels
support User support

Comments

@navachaitanyak
Copy link

Checklist

  • I am using the latest version of this action.
  • I have read the latest README and followed the instructions.
  • I have read the latest GitHub Actions official documentation and learned the basic spec and concepts.

Describe your question

I'm trying to push the docs directory to the gh-pages branch. Since the gh-pages branch is protected with 1 reviewer, I cannot push anything to the gh-pages branch also I want to use a token created in Enterprise GitHub
and I don't want to use github_token instead I would like to use my token which was created by the enterprise owner on enterprise GitHub

Relevant links

Public repository: Its internal enterprise repository
YAML config:
YAML workflow:

Relevant log output

Run enterprise/gha-allure-gh-pages@v3
  with:
    github_token: ***
    publish_branch: gh-pages
    publish_dir: docs
    cname: github.enterprise.com
    allow_empty_commit: false
    keep_files: false
    force_orphan: false
    enable_jekyll: false
    disable_nojekyll: false
    exclude_assets: .github
[INFO] Usage https://github.com/peaceiris/actions-gh-pages#readme
Dump inputs
  [INFO] GithubToken: true
  [INFO] PublishBranch: gh-pages
  [INFO] PublishDir: docs
  [INFO] DestinationDir: 
  [INFO] ExternalRepository: 
  [INFO] AllowEmptyCommit: false
  [INFO] KeepFiles: false
  [INFO] ForceOrphan: false
  [INFO] UserName: 
  [INFO] UserEmail: 
  [INFO] CommitMessage: 
  [INFO] FullCommitMessage: 
  [INFO] TagName: 
  [INFO] TagMessage: 
  [INFO] EnableJekyll (DisableNoJekyll): false
  [INFO] CNAME: github.enterprise.com
  [INFO] ExcludeAssets .github

Setup auth token
  [INFO] setup GITHUB_TOKEN
Prepare publishing assets
Setup Git config
  /usr/bin/git remote rm origin
  /usr/bin/git remote add origin ***github.enterprise.com/enterprise/abcd-automation.git
  /usr/bin/git add --all
  /usr/bin/git config user.name user2023
  /usr/bin/git config user.email [email protected]
Create a commit
Push the commit or tag
  /usr/bin/git push origin gh-pages
  remote: error: GH006: Protected branch update failed for refs/heads/gh-pages.        
  remote: error: At least 1 approving review is required by reviewers with write access.        
  To https://github.enterprise.com/enterprise/abcd-automation.git
   ! [remote rejected] gh-pages -> gh-pages (protected branch hook declined)
  error: failed to push some refs to 'https://github.enterprise.com/enterprise/abcd-automation.git'
  Error: Action failed with "The process '/usr/bin/git' failed with exit code 1"

Additional context.

I want to use the token at organisational level and don't want to use the token created by the runner

@navachaitanyak navachaitanyak added the support User support label May 9, 2024
@navachaitanyak navachaitanyak changed the title support: support: Cannot push to protected branches using Enterprise TOKEN May 9, 2024
@peaceiris
Copy link
Owner

peaceiris commented May 10, 2024

We can the Bypass list of the Rules for this case, I think. Could you try it?
If you want to stay to use the Branch protection rule, the Restrict who can push to matching branches is available instead.

Rules Branch protection rule
スクリーンショット 2024-05-10 午前11 32 47 スクリーンショット 2024-05-10 午前11 33 51

@navachaitanyak
Copy link
Author

navachaitanyak commented May 14, 2024

@peaceiris
We are already using Restrict who can push to matching branches and added the TOKEN user, however, the action still considering the triggering actor and creating a runner token for the triggering actor only, even though we pass the Enterprise token, Hope you consider this situation and add a feature to make use of Enterprise Token without creating a Runner token

@peaceiris
Copy link
Owner

I got it. We need to use the personal_token input instead.

https://github.com/peaceiris/actions-gh-pages#%EF%B8%8F-set-personal-access-token-personal_token

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
support User support
Projects
None yet
Development

No branches or pull requests

2 participants