Codex-
Not able to fetch the run IDs, It is coming as empty Array []
This is the extension of the previous issue.
Usecase: I am trying to make a workflow dispatch call from our public repo to our private repo using codex-/return-dispatch action.
issue:
The call actually successfully triggers the workflow in the private repo however "it keeps on waiting and finally times out but not able to fetch the run IDs"
I have run the workflow in debug mode and I can see it is printing - Runs Fetched: [] which means it is not able to fetch the run IDs. however when I use octokit to locally fetch the run IDs it actually works.
This is my calling workflow code - this
*note - My receiving workflow is again calling 5 child workflows using workflow call.
@Codex- Please help as it is blocking our pipeline work.
Hmmm I've only seen this occur when the token isn't permitted enough to perform this call
This is the API used for fetching runs: https://docs.github.com/en/rest/actions/workflow-runs#list-workflow-runs-for-a-repository
If you perform the same request with the same token being used by the action (check and make sure this is exactly the same), and:
{
"owner": "xero-internal",
"repo": "xeroapi-sdk-codegen",
"workflow_id": 114702054,
"branch": "master",
"per_page": 10
}
What do you get? The API is basically saying that there are no runs for master to fetch here which seems extremely unlikely for a master branch, should it be main? etc
Please help as it is blocking our pipeline work.
Understood, and I'm happy to help as best I can, but please understand that this is not a supported or sponsored project and I maintain and support this project entirely in my own time.
Hey @Codex-
Thank you so much for replying however I am still facing the issue in pipeline but working fine in local.
I am using a private github app with all the necessary permissions and I am fetching this app's access token through this code.
github app's permissions -
- Actions - read/write
- Contents - read/write
- Pull_request - read/write
- workflows - read/write
My branch name is - master only
Please check the below screenshot where i am fetching the access token and making a call to the same endpoint with all the mentioned payload as you have mentioned above and i am able to fetch the rub IDs.
Local code -
import {createAppAuth} from "@octkit/auth-app"
import {Octokit} from "@octokit/rest"
const octoKitInstance = new Octokit({
authStrategy: createAppAuth,
auth: {
appId: ****
privateKey: ****
}
});
const {data: installations} = await octoKitInstance.rest.apps.listInstallations()
const installationId = installations[0].id;
const installationAccessToken = await octoKitInstance.rest.apps.createInstallationAccessToken({ installation_id: installationId})
const octokit = new Octokit({ auth: installationAccessToken.data.token})
const response = await octokit.request('GET /repos/xero-internal/xeroapi-sdk-codegen/actions/runs', {
owner: 'xero-internal',
repo: 'xeroapi-sdk-codegen',
branch: 'master',
per_page: 10,
workflow_id: 114702054,
headers: { 'X-Github-Api-Version': '2022-11-28'}
})
const runIds = response.data.workflow_runs.map(workflowRun => workflowRun.id)
console.log(runIds) // [11124333748, 11118613762, 11118585732 .......]
Interesting, the way you're creating the client here differs from the action
In the action I use the standard PAT / Context token and call:
import * as github from "@actions/github";
const octokit = github.getOctokit(token);
But in your example, you're calling:
const octokit = new Octokit({ auth: installationAccessToken.data.token})
What happens when you try to auth in the same way as the action?
Interestingly, when using @actions/github, the package @octokit/rest isn't actually used at all, so I suspect this is where things are going askew
In this screenshot I am using github.getOctokit(token) and run IDs are getting printed in console.
@Codex-
I've just released v2 of this action which brings many changes, can you please try with v2, though I suspect this particular issue won't be resolved as it seems permissions-related still 🤔
@Codex-
Apologies for the delay in reply as I got little pre occupied with some work.
I tried the new v2 version of your action however still It is not able to fetch the run IDs.
Could you please share some logs from your end or explain me a little why do you suspect it to be a permission related issue ?
There is nothing "my end" as this action runs in your infrastructure. I mainly suspect permissions as I've used this extensively across various orgs and it always boiled down to token permissions, but I've never tried it with an installation token.
The output you see with debug logging enabled is exactly what I see too.
I did have another idea to rule out more things though, run the workflow using act: https://github.com/nektos/act
With act we can work out more clearly whether it's action specific, or token/env specific and work out where to go from there :)
hey @Codex- Sorry I was on leave the whole week, I will try today with act and will share you the details.
Hey @Codex-
This is my act command -
act pull_request -W .github/workflows/pr-health-check.yml --container-architecture linux/amd64 -s GITHUB_TOKEN=*** -s XERO_GITHUB_APPLICATION_KEY=$private_key
This is the output of the act command -
I have one doubt why the url is showing - https://github.com/xero-internal/xeroapi-sdk-codegen/blob/master/.github/workflows/codegen-dotnet-pr.yml it should point to pr.yml and not codegen-dotnet-pr.yml
That's interesting, I think I know what's happening here, I'll write a test to test my theory tomorrow :)
Basically I think it's just finding a match on the first yielded workflow ID for pr, which is not going to work correctly as it is if multiple workflows contain the same substring
Nice find!
@Codex- Let me know if you find out any work around or solution for the doubt you are having.
@sangeet-joy-tw fix released on v2, let me know if it's still an issue and if so I'll re-open this :)