github-app-token: Action fails on ubuntu-jammy runner

I’ve tested the v1.8. Now I’m facing this error when using the key which is created from the private keys section of the github app.

Error: Error: secretOrPrivateKey must be an asymmetric key when using RS256

Running v1.8 on ubuntu-20.04 however works fine.

I’m also getting this error, when will the fix be merged? Or is there any other workaround?

I’m still getting this error

Error: Error: secretOrPrivateKey must be an asymmetric key when using RS256

i tried all fixes mentioned here, but it still doesn’t work. (with ubuntu-20.04 and ubuntu-latest)

…

just for completeness, github gives me a private key in this form SHA256:xxxxxxxxxxxxxxxxxxx

I faced it as well, then I realized that that value that you see above, is a hash shown on GitHub application page, rather than the key itself. The actual key is downloaded by your browser when you press “Generate private key” on GitHub App settings page (that’s a file that ends with .private-key.pem). Using that file as the key makes it work as expected.

Just wanted to note here that as mentioned above adding below to generate_token step fixes the issue with secretOrPrivateKey must be an asymmetric key when using RS256. Works for me on both 1.7.0 and 1.8.0 version with this workaround.

        env:
          OPENSSL_CONF: /dev/null

@jazzlyn thanks for sharing! It worked for me too

@hamnis I got it to run with the action compiled locally, but got a different error

Error: secretOrPrivateKey must be an asymmetric key when using RS256

     - name: Get github-app-token action from forked repo
       uses: actions/checkout@v3
       with:
         repository: hamnis/github-app-token
         ref: upgrade-octocat-auth-app
         path: hamnis-github-app-token
     # Compile the action to be able to use it
     - uses: actions/setup-node@v3
       with:
         node-version: latest
     - name: Install Yarn
       run: npm install -g yarn
     - name: Install
       run: yarn install --frozen-lockfile
       working-directory: hamnis-github-app-token
     - name: Deduplicate dependencies
       run: yarn run yarn-deduplicate --fail --strategy fewer
       working-directory: hamnis-github-app-token
     - name: Build
       run: yarn run build
       working-directory: hamnis-github-app-token
     - name: Format
       run: yarn run prettier --check
       working-directory: hamnis-github-app-token
     - name: Lint
       run: yarn run xo
       working-directory: hamnis-github-app-token
     # action should now be compiled, we can use it like this:
     - name: Generate app token
       id: generate_token
       uses: ./hamnis-github-app-token
       with:
         app_id: ${{ inputs.gh_app_id }}
         private_key: ${{ inputs.gh_app_private_key }}

@hamnis I tried with your reference, still same error.

it seems this is an issue with node 16 and openssl, see https://stackoverflow.com/questions/72104449/node-js-crypto-fails-to-sign-pem-key-string-from-file-with-error25066067dso-su fixe

      - name: Generate token
        id: generate_token
        uses: tibdex/github-app-token@v1.7.0
        env:
          OPENSSL_CONF: /dev/null

fixed it for me.

Seems like this should be possible: https://stackoverflow.com/a/68286342

Thanks for looking it up for me. This way I tried first and it didn’t work producing the following error

File not found: '/runner/_work/_actions/hamnis/github-app-token/upgrade-octocat-auth-app/dist/index.js'

I tried branch, sha, and local copy - it needs to be compiled like you said in your other reply.