Fork-Sync-With-Upstream-action: Can't sync with private repo

I want to sync my private repo with other original private repo. I have added secrets to forked repo and ran workflow. But I get struck by below error

0s
Run aormsby/Fork-Sync-With-Upstream-action@v2.1
/bin/sh /home/runner/work/_actions/aormsby/Fork-Sync-With-Upstream-action/v2.1/upstream-sync.sh
Git user and email credentials set for action
remote: Repository not found.
fatal: repository 'https://github.com/xxx/xxxxx.git/' not found. <---- I can access this private repo
Error: The process '/bin/sh' failed with exit code 128

From this question --> https://stackoverflow.com/questions/56269686/git-repository-not-found-error-for-private-repository-on-github

I understood, I have to use SSH. So, manually specified ssh url like below

    - name: Pull (Fast-Forward) upstream changes
      id: sync
      uses: aormsby/Fork-Sync-With-Upstream-action@v2.1
      with:
        upstream_repository: git@github.com:xxxx/xxxx.git.  <-------
        upstream_branch: "14.0"
        target_branch: "14.0"
        git_pull_args: --ff-only                    # optional arg use, defaults to simple 'pull'
        github_token: ${{ secrets.USER_TOKEN }}   # optional, for accessing repos that require authentication

Got blow error. It is appending HTTP url to exiting one

Run aormsby/Fork-Sync-With-Upstream-action@v2.1
/bin/sh /home/runner/work/_actions/aormsby/Fork-Sync-With-Upstream-action/v2.1/upstream-sync.sh
Git user and email credentials set for action
fatal: unable to access 'https://github.com/git@github.com:xxx/xxxxx.git.git/': The requested URL returned error: 400
Error: The process '/bin/sh' failed with exit code 128

My workflow file

on:
  schedule:
    - cron:  '0 7 * * 1,4'
    # scheduled at 07:00 every Monday and Thursday

  workflow_dispatch:  # click the button on Github repo!


jobs:
  sync_with_upstream:
    runs-on: ubuntu-latest
    name: Sync main with upstream latest

    steps:
    # Step 1: run a standard checkout action, provided by github
    - name: Checkout main
      uses: actions/checkout@v2
      with:
        ref: "14.0"
        # submodules: 'recursive'     ### may be needed in your situation

    # Step 2: run this sync action - specify the upstream repo, upstream branch to sync with, and target sync branch
    - name: Pull (Fast-Forward) upstream changes
      id: sync
      uses: aormsby/Fork-Sync-With-Upstream-action@v2.1
      with:
        upstream_repository: git@github.com:xx/xxx.git
        upstream_branch: "14.0"
        target_branch: "14.0"
        git_pull_args: --ff-only                    # optional arg use, defaults to simple 'pull'
        github_token: ${{ secrets.USER_TOKEN }}   # optional, for accessing repos that require authentication

    # Step 3: Display a message if 'sync' step had new commits (simple test)
    - name: Check for new commits
      if: steps.sync.outputs.has_new_commits
      run: echo "There were new commits."

    # Step 4: Print a helpful timestamp for your records (not required, just nice)
    - name: Timestamp
      run: date

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Comments: 15 (8 by maintainers)

Most upvoted comments

Input changed and readme updated in v2.4 and v3.0

+2
aormsby on Aug 1, 2021

Yes, I do think authentication during the checkout process is key to this action working as expected, and I plan on adding something about that in the readme in coming updates. v2 is also missing much needed tests to verify repo connections and authenticated access, which is something I’m working on for v3. Hopefully, that will help deal with config issues in a more straightforward way. Will update when something is ready, should be pretty soon.

+2
aormsby on Jul 5, 2021

I have a solution!

So - the problem with accessing a private upstream repository is actually not the upstream access token. That should be working fine. What I found out during my v3 update is that when the first step checkout action has persist-credentials: true (which is the default), the action runner attempts to access your upstream repo with the stored key from the checkout. Even if we add the token to the URL (which we do), trying to use the stored token immediately fails.

What you have to do is set persist-credentials: false in the checkout action and then store the target repo token in an input variable as {{ secrets.GITHUB_TOKEN }} so the sync action has both tokens available at the appropriate times. More details in the new wiki.

As of right now, v2 actually doesn’t support this. But v3 does! I recommend trying v3 available in PR #31 and letting me know if the private repos work for you. (In fact, try test mode!) I will also add this change to v2 since it’s pretty crucial to the whole private sync.

+1
aormsby on Jul 25, 2021

Hi everyone, I’ve been too busy with my current work to sit down with this recently. I apologize for the delay on my end, and I want to thank you for trying things out on your end. I have some notes from previous work on another computer that I’ll post here later. Perhaps they will further the conversation in the meantime. Thanks for your patience.

+1
aormsby on Feb 9, 2021
Read more comments on GitHub
← spotify-player: OpenSpotifyLinkFromClipboard does not work on Wayland
python-seabreeze: Flame-S spectrometer is seen but doesn't report data  →