action-dependabot-auto-merge: "Error: Input required and not supplied: github-token"
All of a sudden I’ve been getting this error.
/action/node_modules/@actions/core/lib/core.js:94
throw new Error(`Input required and not supplied: ${name}`);
^
Error: Input required and not supplied: github-token
at Object.getInput (/action/node_modules/@actions/core/lib/core.js:94:15)
at file:///action/index.js:28:15
at ModuleJob.run (node:internal/modules/esm/module_job:154:23)
at async Loader.import (node:internal/modules/esm/loader:166:24)
at async Object.loadESM (node:internal/process/esm_loader:68:5)
E.g. https://github.com/mdn/content/pull/2964/checks?check_run_id=2066177430
I haven’t touched my personal access tokens. And auto-merge hasn’t been upgraded on the project in 3 months. It just stopped working today all of a sudden. Sample PR: https://github.com/mdn/content/pull/2964
I don’t know if it’s a bug or user-error. Or a problem with GitHub Actions changing under our feet.
I did try generating a new access token (using the public_repo scope) to see if that would make it work. But arguably, it’s a long shot because the error says the token isn’t supplied.
About this issue
- Original URL
- State: open
- Created 3 years ago
- Reactions: 15
- Comments: 33 (11 by maintainers)
Commits related to this issue
- use secrets token for checkout action The secret PAT token is not properly pulled somehow, i am making this change based on https://github.com/ahmadnassri/action-dependabot-auto-merge/issues/58#issue... — committed to appbaseio/searchbox by mohdashraf010897 2 years ago
- bug #749 [maintenance]Use GITHUB_TOKEN secret instead of DEPENDABOT_TOKEN (Ferror) This PR was merged into the 1.12-dev branch. Discussion ---------- https://github.com/ahmadnassri/action-dependabo... — committed to Sylius/Sylius-Standard by lchrusciel 2 years ago
- docs: explicitly tell where to create the token (#163) I created the token in Actions instead of Dependabot and was not working. This is a solution for bug: https://github.com/ahmadnassri/action-... — committed to ahmadnassri/action-dependabot-auto-merge by mauriciabad 2 years ago
- bug #749 [maintenance]Use GITHUB_TOKEN secret instead of DEPENDABOT_TOKEN (Ferror) This PR was merged into the 1.12-dev branch. Discussion ---------- https://github.com/ahmadnassri/action-dependabo... — committed to windragon0910/symfony_ecom_framework by windragon0910 2 years ago
I run into the same issue on a private repo. But after some time I realized the token needs to added to the
Depandabotsection instead ofActionssection which make it work for me.and it wasn’t just THIS action … seems like EVERY Personal Access Token wasn’t being read properly, here’s an example of a job that relies on a different PAT for usage with Github Package Registry:
upon re-running the job that also worked fine.
so … a global hiccup of all Personal Access Tokens (or all secrets) across Github!
I’m moving this discussion to https://github.com/ahmadnassri/action-dependabot-auto-merge/issues/60 which details full context.
they answer me with something unrelated with my bug, but I want to share it with you because I didn’t know it.
@peterbe I hope this is your issue.
no worries, let us know if you learn of anything interesting from them
oof, yeah … not sure what to do about that … this is just actions + secret permission stuff …
change here to allow
pull_request_target: https://github.com/ahmadnassri/action-dependabot-auto-merge/commit/2aef6bbf0c786ba7411c31913536c255f97d9323“Re-run jobs” works for me but in a random way.
yes, when I did retry it works but sometimes it doesn’t work… it is random. So I am waiting for confirmation from GitHub customer support.
thanks for your confirmation. and thanks for your work.