From 6e39eb75a16bf649b19c6aadcb791c23ebc3544e Mon Sep 17 00:00:00 2001 From: Xilai Zhang Date: Thu, 18 Jan 2024 10:48:00 -0800 Subject: [PATCH] [github actions] Fix token issue on actions/checkout package (#141652) revision 01/17: instead of removing actions/checkout, keep actions/checkout but remove the `token` field and add `persist-credentials` field. tested with a [mirror script](https://github.com/XilaiZhang/miscellaneous-side-project/blob/master/.github/workflows/easy-cp.yml) and creates [expected pull request](https://github.com/flutter/flutter/pull/141730) Issue: when running github actions, the [tokens not found error](https://github.com/actions/checkout/issues/298) still happens( `Input required and not supplied: token`). We are not using fork PR or dependabot, and it's flaky when the well defined token isn't find in the inputs. We hit this error when invoking [market place actions/checkout](https://github.com/actions/checkout): [example failed run 1](https://github.com/flutter/flutter/actions/runs/7546108771/job/20543199801), [example failed run 2](https://github.com/flutter/flutter/actions/runs/7546141972/job/20543265842) In this PR, Remove the dependency on marketplace actions to make our workflow more reliable and less flaky. other changes to remove actions/checkout dependency: 1. embedded token url for git push Tried a number of ways and this is the only / best workaround I found to resolve [the notorious problem of pushing without ssh key](https://stackoverflow.com/questions/22147574/github-fatal-could-not-read-username-for-https-github-com-no-such-file-o). 2. added back `--head` `--head` is now needed to avoid [abort](https://github.com/XilaiZhang/miscellaneous-side-project/actions/runs/7548409479/job/20550397014) Test: a [replicate of the actions file](https://github.com/XilaiZhang/miscellaneous-side-project/blob/master/.github/workflows/easy-cp.yml) is [tested](https://github.com/XilaiZhang/miscellaneous-side-project/actions/runs/7548448024/job/20550521341) on my personal repo, and it creates the [expected PR](https://github.com/flutter/flutter/pull/141647) --- .github/workflows/easy-cp.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/easy-cp.yml b/.github/workflows/easy-cp.yml index 9aa122e4aad..488815ac3e7 100644 --- a/.github/workflows/easy-cp.yml +++ b/.github/workflows/easy-cp.yml @@ -33,9 +33,9 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: repository: flutteractionsbot/flutter - token: ${{ secrets.FLUTTERACTIONSBOT_CP_TOKEN }} path: flutter ref: master + persist-credentials: false # Checkout all history commits on master branch, so that the cp commit is a known object fetch-depth: 0 # use same name when checking out branch, since the marketplace action does a hard reset. @@ -58,8 +58,8 @@ jobs: if: ${{ steps.attempt-cp.conclusion == 'success' }} working-directory: ./flutter run: | - git push -u origin cp-${CHANNEL}-${COMMIT_SHA} - gh pr create --title "[CP-${CHANNEL}]${PR_TITLE}" --body-file ../PULL_REQUEST_CP_TEMPLATE.md --base ${RELEASE_BRANCH} --label "cp: review" --repo flutter/flutter + git push https://${{ env.GITHUB_TOKEN }}@github.com/flutteractionsbot/flutter cp-${CHANNEL}-${COMMIT_SHA} + gh pr create --title "[CP-${CHANNEL}]${PR_TITLE}" --body-file ../PULL_REQUEST_CP_TEMPLATE.md --base ${RELEASE_BRANCH} --label "cp: review" --repo flutter/flutter --head flutteractionsbot:cp-${CHANNEL}-${COMMIT_SHA} env: GITHUB_TOKEN: ${{ secrets.FLUTTERACTIONSBOT_CP_TOKEN }} PR_TITLE: ${{ github.event.pull_request.title }}