Use GITHUB_TOKEN instead of ACCESS_TOKEN
#5
Comments
gerardabello
changed the title
GITHUB_TOKENGITHUB_TOKEN instead of ACCESS_TOKEN
|
I’d love to, and originally the action was, but unfortunately there’s an issue with the Github secret provided with actions that prevents Github Pages from rebuilding your site with it, that means that you’ll be able to commit to the branch, but it will never update. It works for private repostitories, but not public ones. I’m keeping an eye on the situation and will test this again when actions leaves beta. For now I’d suggest limiting the permissions on the PAT you create if you’d like to use the action! |
|
I've recently emailed GitHub support, I'll let you know if I hear back! |
|
Following up on this @gerardabello - here's the response I've received from GitHub's developer support.
I've also provided GitHub with some additional information about the private repository behavior I mentioned in my initial post. I'll let you know if I hear anything more. |
|
Still no updates from GitHub on this. I've emailed them twice now with no reply. |
|
Some additional context here: maxheld83/ghpages#1 |
|
Thanks @alex-page! |
|
Oops that issue only has a bit of context, check the PR out maxheld83/ghpages#18 |
|
I'll keep an eye on this. Doesn't seem possible just yet. |
|
Hoping to have a fix for this today. |
|
I've got a PR open for this, but the issue still appears to be present: #13 |
|
@JamesIves thanks for researching this. Ping me if you need any help. |
|
FYI. peaceiris/actions-gh-pages#9 (comment)
peaceiris/actions-gh-pages#9 (comment)
|
|
^ Cross posting this here. I'm going to merge in this feature/PR and point to this issue. |
Nothing edit to workaround JamesIves/github-pages-deploy-action#5
|
Quite the limitation that a github action commit cannot trigger another action. Using a personal access token to deploy a single repository is bad practice and the fact that actions require this for something as basic as deploying to gh-pages is evidence that workflows should be able to trigger workflows. Or at least that gh-pages commits should be exempt from this limitation. Let us know if there are any workarounds that support using |
|
@dhimmel |
|
The option for using a GitHub token vs an access token is already available in v2 and v3. I'm going to close this issue, please follow this thread to stay up-to-date: https://github.community/t5/GitHub-Actions/Github-action-not-triggering-gh-pages-upon-push/m-p/31266/highlight/true#M743 |
JamesIves
removed
planned 🕘
|
It seems github has ditched fixing the |
Has there been a change in the last few days? Deploying to a branch that then triggers a GitHub Pages build using |
It appears the bug which prevented GITHUB_TOKEN from not causing GitHub pages to be built has been fixed. Therefore GITHUB_TOKEN should be preferred over an access token which one of the members has to create. See - JamesIves/github-pages-deploy-action#5 - https://github.community/t5/GitHub-Actions/Github-action-not-triggering-gh-pages-upon-push/m-p/31266/highlight/true#M743
Describe the solution you'd like
The action should use
GITHUB_TOKENinstead of a user-providedACCESS_TOKENAdditional Comments
It's much easier (it's already provided if you just enable a check) and safer for public repos, as the
GITHUB_TOKENis scoped to the repo and not to all your repos like a personal access token.https://developer.github.com/actions/managing-workflows/storing-secrets/#github-token-secret
The text was updated successfully, but these errors were encountered: