Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Workflow triggered by Dependabot fails #22

Closed
grndvl1 opened this issue Nov 1, 2022 · 4 comments
Closed

Workflow triggered by Dependabot fails #22

grndvl1 opened this issue Nov 1, 2022 · 4 comments

Comments

@grndvl1
Copy link

grndvl1 commented Nov 1, 2022

Upgrading from 1.5.0 to 1.6.0 causes my script to error out with this line.

Screen Shot 2022-11-01 at 10 52 34 AM
@Schneegans
Copy link
Owner

Schneegans commented Nov 1, 2022
edited
Loading

Thank you for the report! Are you 100% sure that if you revert to v1.5.0 everything works? There are very little changes between the two versions. In fact, it is effectively only one changed line. So it would really surprise me if this change from Node 12 to Node 16 could cause this issue...

@SebastianSchmidl
Copy link

I had a similar problem with a Dependabot-created merge commit. The error message was the same, and the failure also happened when upgrading from 1.5.0 to 1.6.0:

Run schneegans/[email protected]
  with:
    gistID: 6762bee806477c52e079f21d2f252688
    filename: timeeval__heads_main.json
    label: Test Coverage
    message: 0.8946
    color: green
    namedLogo: pytest
    forceUpdate: false
  env:
    CONDA_PKGS_DIR: /home/runner/conda_pkgs_dir
    COVERAGE: 0.8946
    BRANCH: heads_main
Failed to get gist, response status code: 401, status message: Unauthorized
/home/runner/work/_actions/schneegans/dynamic-badges-action/v1.6.0/index.js:209
        if (oldGist.body.files[filename]) {
                              ^

TypeError: Cannot read properties of undefined (reading 'timeeval__heads_main.json')
    at /home/runner/work/_actions/schneegans/dynamic-badges-action/v1.6.0/index.js:209:[3](https://github.com/HPI-Information-Systems/TimeEval/actions/runs/3393366151/jobs/5640618821#step:8:3)1
    at processTicksAndRejections (node:internal/process/task_queues:96:[5](https://github.com/HPI-Information-Systems/TimeEval/actions/runs/3393366151/jobs/5640618821#step:8:5))

However, the cause was that the commit was authored by Dependabot and the Action missed the correct access rights to the gist. The default secrets for GitHub Actions do not apply for Dependabot and you have to provide them separately in Repository Settings > Secrets > Dependabot.

I hope this information can help.

@Schneegans
Copy link
Owner

Schneegans commented Nov 7, 2022
edited
Loading

Ohh, I did not know this. Thank you very much! I'll add a corresponding note to the README.

Edit: Done. I'll pin this issue so that others may find it more easily.

TLDR; If you use Dependabot to automatically update dependencies of your repository, you also have to add the gist secret to Dependabot's secrets (Settings > Secrets > Dependabot).

@Schneegans Schneegans pinned this issue Nov 7, 2022
@Schneegans Schneegans changed the title Upgrading to 1.6.0 Errors Out Workflow triggered by Dependabot fails Nov 7, 2022
@bartvdbraak
Copy link

Thank you @CodeLionX!

I was running into this issue as well.

@simojo simojo mentioned this issue Sep 30, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@grndvl1 @Schneegans @bartvdbraak @SebastianSchmidl