checkout: Error: fatal: could not read Username for 'https://github.com': terminal prompts disabled

Hello,

I’m attempting a rollback flow using actions/checkout@v2. The problem is that I need to use a PAT in order to rollback commits that change Github Workflows and when I pass that PAT into actions/checkout, I get an error.

Error: fatal: could not read Username for 'https://github.com': terminal prompts disabled

My workflow:

name: "Dev Deploy"
on:
  workflow_run:
    workflows: ["Versioning"]
    types: [completed]
jobs:
  fail_job:
    runs-on: ubuntu-latest
    steps:
      - name: Fail
        run: |
          exit 1
  rollback-on-failure:
    runs-on: ubuntu-latest
    needs: [fail_job]
    if: always() && needs.fail_job.result == 'failure'
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        with:
          fetch-depth: 0
          token: ${{ secrets.WORKFLOW_TOKEN }}
      - run: chmod +x environment/rollback.sh && ./environment/rollback.sh

The PAT used has the permissions to change workflows, as well as repository permissions. The issue seems to be that the action doesn’t allow me to set a username before it tries to fetch the repository.

About this issue

  • Original URL
  • State: open
  • Created 3 years ago
  • Reactions: 56
  • Comments: 39

Commits related to this issue

Most upvoted comments

Another hint: The PAT must have an expiry date, otherwise the same error appears 😅.

I’m also experiencing the same issue. I wanted to add a checkout of another private repo, that lives in the same organisation as the original private repo which the workflow is in.

My code:

     - name: Checkout the private repo in which the workflow lives
        uses: actions/checkout@v2
      - name: Checkout a public repo to see if it works
        uses: actions/checkout@v2.3.4
        with:
          repository: actions/checkout
          ref: main
      - name: Checkout another private repo in the same organisation
      (and provide a PAT with repo, read:user and user:email permissions)
        uses: actions/checkout@v2.3.4
        with:
          repository: org/private-repo
          ref: master
          token: $MY_PAT

Results: Checkout the private repo in which the workflow lives ✔️ Checkout a public repo to see if it works ✔️ Checkout another private repo in the same organisation

The error: image

I stumbled into the same error message and found this issue. However in my case, the cause of the problem was that the token expired. 😅 Adding it here, in case it helps folks. The error message is very undescriptive.

my 2 cents: it would be great that github checkout action automatically detect this kind of error return to provide a tips on this: (example: please verify your token and expiration date.

I think in many case this is just “private” + “expired” or “wrong” PAT configuration?

Another hint: The PAT must have an expiry date, otherwise the same error appears 😅.

@MichaIng Thanks for the tip! I wouldn’t have figured that out on my own. 😃

I was able to fix this by using a classic token with the permissions public_repo, read:user and user:email.

Cheers

You definitely use a PAT which has an expiry date and is not expired?

@ScottG489 - have a look at this blog post. Seems there are 3 requirements for a valid token applied in actions.

  1. It belongs to the right user or organization account
  2. It has repository scope
  3. It is not expired

Using a token that doesn’t expire fixed this issue for me.

Could someone explain if there is some underlying reason why these tokens are rejected though?

If GitHub is going to reject tokens that don’t expire then they shouldn’t let you generate them in the first place.

I needed to auto-create a release for my private golang repository, and came across this page in my investigations. Being new to github actions and workflows, I needed to resolve how to inject https://$GH_TOKEN@github.com instead of https://github.com gitconfig statement into my workflow setup. Found this blog post which exactly solved my issue. Posting here in case someone else needs a pointer

Has anyone found a solution to this issue? I have the same error and nothing seems to work

Should the requirement to have an expiration date in the PAT be documented here? https://github.com/marketplace/actions/checkout#usage

I am having the same issue. It only happens for PRs created by dependabot though, and the strange thing is that if I close the PR and then reopen it, then it works. I have tried to apply all fixes suggested here, but nothing seems to work.

Update: I got it working now. I just realised that I had to update the PAT in two places - both for the actions and for dependabot. Screenshot 2024-01-11 at 08 15 46

I got it working using checkout@v3 with persist-credentials: false and a PAT with expire date using the following config:

git config --global user.name myusername
git config --global user.email myemail
git remote set-url origin https://x-access-token:${{ secrets.PAT }}@github.com/${{ github.repository }}
...git operations

Looks like I found the root cause of this behavior. When the first actions/checkout@v2 performs without any options for current repository it caches github token in local git store and further the same token is used. I added flag “persist-credentials: false” to the first checkout step and further steps with github communications started work (ad-m/github-push-action or simple git push https://user:token@github/org/repo). Looks like git cli ignores incoming token if it is already stored in local storage… At lest it helped me… 😃 p.s. username does not matter when token is used…

Personally I didn’t have a PAT in my GitHub workflow and it worked fine till 2 weeks ago for simple checkout, so not sure what happened on GitHub side here.

I’m having the same problem as MikulasMascautanu, but I don’t think there’s anything wrong with my PAT. I’m only getting this error on one private repo in the entire organization. Every other repo in the same organization is completing its actions just fine, and they all use an identical CI yaml (the only difference being that this one specifies a working directory).

Is there some repo setting in Github that I might need to change?

For a simple checkout indeed no PAT is required.

Hi, sorry for my late response. I did NOT solve the issue, I used a different approach for my original task. Sorry:/