act
act copied to clipboard
nektos
Error: Error message: Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable but succeeds with github actions
Bug report info
noams@DESKTOP-34S5F1I:~/src/personal_website$ act --bug-report
act version: 0.2.68
GOOS: linux
GOARCH: amd64
NumCPU: 8
Docker host: DOCKER_HOST environment variable is not set
Sockets found:
/var/run/docker.sock
Config files:
/home/noams/.config/act/actrc:
-P ubuntu-latest=catthehacker/ubuntu:act-latest
-P ubuntu-22.04=catthehacker/ubuntu:act-22.04
-P ubuntu-20.04=catthehacker/ubuntu:act-20.04
-P ubuntu-18.04=catthehacker/ubuntu:act-18.04
Build info:
Go version: go1.23.1
Module path: command-line-arguments
Main version:
Main path:
Main checksum:
Build settings:
-buildmode: exe
-compiler: gc
-ldflags: -X main.version=0.2.68
DefaultGODEBUG: asynctimerchan=1,gotypesalias=0,httplaxcontentlength=1,httpmuxgo121=1,httpservecontentkeepheaders=1,tls10server=1,tls3des=1,tlskyber=0,tlsrsakex=1,tlsunsafeekm=1,winreadlinkvolume=0,winsymlink=0,x509keypairleaf=0,x509negativeserial=1
CGO_ENABLED: 1
CGO_CFLAGS:
CGO_CPPFLAGS:
CGO_CXXFLAGS:
CGO_LDFLAGS:
GOARCH: amd64
GOOS: linux
GOAMD64: v1
Docker Engine:
Engine version: 27.3.1
Engine runtime: runc
Cgroup version: 1
Cgroup driver: cgroupfs
Storage driver: overlay2
Registry URI: https://index.docker.io/v1/
OS: Ubuntu 22.04.5 LTS
OS type: linux
OS version: 22.04
OS arch: x86_64
OS kernel: 5.15.153.1-microsoft-standard-WSL2
OS CPU: 8
OS memory: 3848 MB
Security options:
name=seccomp,profile=builtin
Command used with act
act -j build-and-deploy -W .github/workflows/deploy_frontend.yml --secret-file /home/noams/src/personal_website/frontend/.secrets_frontend --env-file /home/noams/src/personal_website/frontend/.env --artifact-server-path /tmp/artifacts
Describe issue
Expecting success just like github actions
Link to GitHub repository
https://github.com/noamzilo/personal_website
Workflow content
name: Deploy Frontend
on:
push:
branches: [main, staging, frontend]
paths:
- 'frontend/**'
- '.github/workflows/deploy_frontend.yml'
workflow_dispatch:
jobs:
build-and-deploy:
runs-on: ubuntu-latest
permissions:
contents: write
pages: write # Added for GitHub Pages deployment
id-token: write # Necessary for actions/deploy-pages
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
steps:
- uses: actions/checkout@v4
- name: Debug REACT_APP_API_URL
shell: bash
run: |
echo -e "\e[32m@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\e[0m"
echo -e "\e[32mREACT_APP_API_URL=${REACT_APP_API_URL}\e[0m"
env
echo $(env | grep ACTIONS_RUNTIME_TOKEN)
# exit 1 # Commented out to allow the workflow to continue
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
- name: Print Environment Variables and Secrets
shell: bash
env:
REACT_APP_ENVIRONMENT: ${{ env.REACT_APP_ENVIRONMENT }}
run: |
echo -e "\e[32mREACT_APP_API_URL=${REACT_APP_API_URL}\e[0m"
echo -e "\e[32mREACT_APP_ENVIRONMENT=${REACT_APP_ENVIRONMENT}\e[0m"
env
echo ACTIONS_RUNTIME_TOKEN=$(env | grep ACTIONS_RUNTIME_TOKEN)
- name: Install dependencies
shell: bash
run: |
cd frontend
npm ci 2>&1 || (echo -e "\e[31mInstall dependencies step failed.\e[0m" && exit 1)
- name: Build
shell: bash
run: |
cd frontend
mkdir -p build_logs
TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
export REACT_APP_BUILD_TIME=$(TZ=America/Argentina/Buenos_Aires date +"%Y-%m-%d %H:%M:%S")
echo -e "\e[32mBuilding with environment variables:\e[0m"
env
echo -e "\e[32m$(pwd)\e[0m"
npm run build || (echo -e "\e[31mBuild step failed.\e[0m" && exit 1)
- name: Setup Pages
uses: actions/configure-pages@v4
- name: Upload artifact
uses: actions/upload-pages-artifact@v3
with:
path: './frontend/build'
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4
- name: Build Succeeded
if: success()
run: echo -e "\e[32mBuild succeeded.\e[0m"
- name: Build Failed
if: failure()
shell: bash
run: |
echo -e "\e[31mBuild failed.\e[0m"
exit 1
Relevant log output
[Deploy Frontend/build-and-deploy] ✅ Success - Main Upload artifact
[Deploy Frontend/build-and-deploy] ⚙ ::set-output:: artifact-url=https://github.com/***/actions/runs/1/artifacts/1
[Deploy Frontend/build-and-deploy] ⚙ ::set-output:: artifact-id=1
[Deploy Frontend/build-and-deploy] ⚙ ::set-output:: artifact_id=1
[Deploy Frontend/build-and-deploy] ✅ Success - Main Upload artifact
[Deploy Frontend/build-and-deploy] ⚙ ::set-output:: artifact-id=1
[Deploy Frontend/build-and-deploy] ⚙ ::set-output:: artifact-url=https://github.com/***/actions/runs/1/artifacts/1
[Deploy Frontend/build-and-deploy] ⭐ Run Main Deploy to GitHub Pages
[Deploy Frontend/build-and-deploy] 🐳 docker cp src=/home/noams/.cache/act/actions-deploy-pages@v4/ dst=/var/run/act/actions/actions-deploy-pages@v4/
[Deploy Frontend/build-and-deploy] 🐳 docker exec cmd=[/opt/acttoolcache/node/18.20.4/x64/bin/node /var/run/act/actions/actions-deploy-pages@v4/dist/index.js] user= workdir=
[Deploy Frontend/build-and-deploy] 💬 ::debug::all variables are set
[Deploy Frontend/build-and-deploy] 💬 ::debug::all variables are set
| Error: Error message: Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable
| at Function.<anonymous> (/run/act/actions/actions-deploy-pages@v4/node_modules/@actions/core/lib/oidc-utils.js:71:1)
| at Generator.next (<anonymous>)
| at /run/act/actions/actions-deploy-pages@v4/node_modules/@actions/core/lib/oidc-utils.js:8:1
| at new Promise (<anonymous>)
| at __webpack_modules__.98041.__awaiter (/run/act/actions/actions-deploy-pages@v4/node_modules/@actions/core/lib/oidc-utils.js:4:1)
| at Function.getIDToken (/run/act/actions/actions-deploy-pages@v4/node_modules/@actions/core/lib/oidc-utils.js:57:1)
| at Object.<anonymous> (/run/act/actions/actions-deploy-pages@v4/node_modules/@actions/core/lib/core.js:315:1)
| at Generator.next (<anonymous>)
| at /run/act/actions/actions-deploy-pages@v4/node_modules/@actions/core/lib/core.js:27:1
| at new Promise (<anonymous>)
[Deploy Frontend/build-and-deploy] ❗ ::error::Ensure GITHUB_TOKEN has permission "id-token: write".
[Deploy Frontend/build-and-deploy] ❌ Failure - Main Deploy to GitHub Pages
[Deploy Frontend/build-and-deploy] exitcode '1': failure
[Deploy Frontend/build-and-deploy] ⭐ Run Main Build Failed
[Deploy Frontend/build-and-deploy] 🐳 docker exec cmd=[bash --noprofile --norc -e -o pipefail /var/run/act/workflow/10.sh] user= workdir=
| Build failed.
[Deploy Frontend/build-and-deploy] ❌ Failure - Main Build Failed
[Deploy Frontend/build-and-deploy] exitcode '1': failure
[Deploy Frontend/build-and-deploy] ⭐ Run Post Upload artifact
[Deploy Frontend/build-and-deploy] 🐳 docker cp src=/home/noams/.cache/act/actions-upload-pages-artifact@v3/ dst=/var/run/act/actions/actions-upload-pages-artifact@v3/
[Deploy Frontend/build-and-deploy] ✅ Success - Post Upload artifact
[Deploy Frontend/build-and-deploy] 🏁 Job failed
Error: Job 'build-and-deploy' failed
Additional information
The workflow is fine, as github actions does succeed, so clearly this is a problem with act.
My .secrets file contains:
GITHUB_TOKEN=XXX
ACTIONS_RUNTIME_TOKEN=XXX
#ACTIONS_RUNTIME_TOKEN=dummy
GITHUB_REPOSITORY=YYY
and I checked all env variables and secrets get passed correctly into the build.
I read some answers and implemented them, but no luck.
Would appreciate help, because having to push for debugging really sucks.
Issue is stale and will be closed in 14 days unless there is new activity
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
The actions/deploy-pages requires the id-token: write (Token to request an OpenID Connect token) permission to be granted to GITHUB_TOKEN. You're already doing this in the build-and-deploy job.
You cannot set the id-token: write permission on a Personal Access Token (PAT). The id-token permission is specific to GitHub Actions' built-in GITHUB_TOKEN and is used for OpenID Connect (OIDC) federation GitHub Actions and cloud providers.
When running workflows locally with act, OIDC (id-token) is not supported, because act cannot mint or sign OIDC tokens like GitHub Actions does.
Seems that feature is planned to be handled. You can check in Unsupported functionality page
