Overview
The GitHub documentation suggests that actions can be shared between repositories within an enterprise. However, when I try to use an action from inside my enterprise from another repository I get the error:
Error: Unable to clone https://github.com/Org1/action refs/heads/workflow-test: repository not found
Current set up
We have two organizations Org1 and Org2 that are both in the same enterprise. Org1 contains an repository containing an action: Org1/action. Org2 contains a repository which would like to consume this action: Org2/consumer.
I have followed this documentation: https://docs.github.com/en/enterprise-cloud#latest/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise.
Org1/action
Visibility is set to internal although it was originally private.
I have set Settings>Actions>General>Access to Accessible from repositories in the 'ENTERPRISE NAME' enterprise
Org2/consumer
This repository is set to allow all actions and reusable workflows.
Problem
There is no good documentation on GitHub which explains how to consume actions from within the enterprise.
This is what we currently have in Org2/consumer:
Name: Load test
on: [push]
jobs:
run_action:
runs-on: self-hosted
name: Action
steps:
- name: Trigger Load Test
uses: Org1/action#workflow-test # the action is on this branch
id: action
When we run this action we get the error displayed in the Overview section. This seems like an issue with how the runner is authorizing with GitHub when pulling the repository.
I would love to know if anyone has overcome this issue, or if they have found a work around.
Thanks in advance.
Related
Has the Following Feature has been implemented for Gihub Repos yet?strong text
Multi-repo triggers
You can specify multiple repositories in one YAML file and cause a pipeline to trigger by updates to any of the repositories. This feature is useful, for instance, in the following scenarios:
You consume a tool or a library from a different repository. You want to run tests for your application whenever the tool or library is updated.
You keep your YAML file in a separate repository from the application code. You want to trigger the pipeline every time an update is pushed to the application repository.
With this update, multi-repo triggers will only work for Git repositories in Azure Repos. They don't work for GitHub or Bitbucket repository resources.
SAMPLE :
trigger:
main
resources:
repositories:
- repository: tools
type: git
name: MyProject/tools
ref: main
trigger:
branches:
include:
- main
- release
As per Microsoft official sprint 173 updates 2020, this is achiveable using resources tag inside your yaml.
Here is an example that shows how you can setup an auto trigger inside your yaml pipeline based on any change in any other repos inside the same project and even other projects inside Azure DevOps as well.
Sample:
trigger:
- main
resources:
repositories:
- repository: tools
type: git
name: MyProject/tools
ref: main
trigger:
branches:
include:
- main
- release
In the above code snippet:
main branch in the self repo containing the YAML file
main or release branches in tools repo
Here is the link for official documentation form Microsoft for further details.
Hope that solution works for you.
Repository resource triggers only work for Azure Repos Git repositories in the same organization at present. They do not work for GitHub or Bitbucket repository resources.
Refer to this official doc for details: https://learn.microsoft.com/en-us/azure/devops/pipelines/repos/multi-repo-checkout?view=azure-devops#triggers
If you would like this feature to be supported, create a feature request: https://developercommunity.visualstudio.com/AzureDevOps/suggest
I am trying to find a workaround for using a Reusable workflow between two private repos: (It is not supported natively)
Context: I am trying to use a central repo (private) to contain all the Workflows and refer to that location from other repos (private).
Legend:
Central Repo: Contains all the Reusable Workflows. (If we edit a file in here we should not have to edit each and every repo's workflow files)
Calling Repo: A repo which runs Workflows, This repo will try to refer the workflows from the Central repo.
name: Calling Reusable Workflows
on: [ push ]
jobs:
download-remote-repo:
runs-on: ubuntu-latest
steps:
- name: Get private repo with action
uses: actions/checkout#v2
with:
repository: kalanatd/central-repo
ref: main
token: ${{ secrets.PAT_TOKEN }}
- name: List Files After remote Checkout
run: |
pwd
ls -a // I can see the checked out remote repo files in here
ls -al .github/workflows
cat ./.github/workflows/workflow.yml // Can read the file without any issue
- name: Run a workflow file
uses: ./.github/workflows/workflow.yml
Note: In aboe scenario ./.github/workflows/workflow.yml is dynamically checked out to the Runner's workspace. Even though 'run' commands can see that file 'uses' command does not use it.
[1] Error: Can't find 'action.yml', 'action.yaml' or 'Dockerfile' under '/home/runner/work/caller-repo/caller-repo/workflow.yml'. Did you forget to run actions/checkout before running your local action?
[2] https://github.github.io/actions-cheat-sheet/actions-cheat-sheet.pdf
Note:
I learned that RWs can not be called under steps which means there is no way to download a RW from another place and use that workflow, right?
I am trying to find a workaround for using a Reusable workflow between two private repos: (It is not supported natively)
Actually... it is, at least on GitHub (and later on a private GHE instance)
GitHub Actions – Sharing actions and reusable workflows from private repositories is now GA (Dec. 2022)
The actions and reusable workflows from private repositories can now be shared with other private repositories within the same organization, user account, or enterprise.
See managing the repository settings and managing the enterprise repository settings to allow access to workflows in other repositories.
We have also added the API support to configure Actions share policy.
Refer to API support or API support for Enterprise for more details.
Learn more about Sharing actions and workflows from your private repository, Sharing actions and workflows with your organization, and Sharing Actions and workflows with your enterprise.
Trying to use pulumi preview with Github actions. The workflow file is giving me the below error.
Invalid workflow file: .github/workflows/pull_request.yml#L12
error parsing called workflow "peopleticker/ccc/.github/workflows/pull_request.yml#master": workflow was not found.
I'm using the workflow file below kindly check:
name: Call a reusable workflow
permissions:
id-token: write
contents: read
on:
pull_request:
jobs:
call-workflow-passing-data:
uses: peopleticker/ccc/.github/workflows/pull_request.yml#master
According to GitHub document:
doc
You can visit repository Setting -> Actions -> Access: Choose "Accessible from repositories in the organization"
You can't use reusable workflows from other private repositories.
Reusable workflows stored within a private repository can only be used by workflows within the same repository.
source
You can use private repo workflows but you have to give access on org level.
Github give access that.
Related documentaion: github-doc
Example Video Explanation: video-expl
I got 2 projects within my Azure Organisation. I have created a pipeline from one repository which it's job is to promote code from one repo in the current project to another repo in a different project. I am using YAML and have built up the service connections
# Deploy to PREPROD
resources:
repositories:
- repository: target
type: git
name: 'Other Project/ThisRepo'
trigger:
branches:
include: [
azure-pipelines
]
pool:
name: 'My Pool'
demands:
- agent.computerName -equals MYPC
steps:
- checkout: self
path: source
- checkout: target
path: target
So on the GUI, it shows the target repo and I can browse to it. However when I run the pipeline, I get the following: -
remote: TF401019: The Git repository with name or identifier ThisRepo
does not exist or you do not have permissions for the operation you
are attempting. fatal: repository
'https://dev.azure.com/myOrg/Other%20Project/_git/ThisRepo/' not found
I can't figure out why it can't access it. I've seen in the docs about if I can access it then when the pipeline is created it should be given permission... I don't understand :/
TIA
Please check if your <your project> Build Service accounts belongs to Project Collection Service Accounts on organization level.
I found similar issue solved here
Another option would be to add access only to particular repo to Build Service account from another project:
To do that go to:
Other Project
Settings
Repos -> Repositories
select ThisRepo
select Security tab and type name of the project which wants to use this repo and add Read permission
I am playing with github actions and trying to do something whenever other check is completed. I see 0 runs for this action.
This action is available in master branch and I am opening PR to the master.
I've tried to capture events via webhooks and I receive events there just fine. Why is my action not working?
Code below:
name: on check run
on:
check_run:
types: [ completed, rerequested, completed, requested_action]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v1
- name: ENV
run: env
- name: check out event
run: cat "$GITHUB_EVENT_PATH"
update
I also tried to have other checks in the repository (travis ci), the action is still not executed.
update 2
It turned out I was looking for different event that I needed. I confused status even with "check run" event. Travis ci in it's default setup produced "status" event, "check" api needs to be enabled separately
I think the issue might be that the GitHub Checks API support on Travis was only added to travis-ci.com. So if your checks are running on travis-ci.org you need to migrate.
See this blog post for the announcement.
https://blog.travis-ci.com/2018-05-07-announcing-support-for-github-checks-api-on-travis-ci-com
It is available to private and open source projects using travis-ci.com
This is the announcement about migration of
https://blog.travis-ci.com/2018-09-27-deprecating-github-commit-status-api-for-github-apps-managed-repositories
As part of our gradual migration to GitHub Apps for our GitHub integration, we’re formally deprecating GitHub Commit Status API updates for repositories on travis-ci.com managed by GitHub Apps. Instead, these repositories will have status updates reported to the GitHub Check Runs API.