[BUG] Unauthorized about dynamic-badges-action HOT 8 CLOSED

No worries - have a great time using the action!

from dynamic-badges-action.

Awesome! I am glad that you figured this out. And thank you very much for the feedback!

from dynamic-badges-action.

Well, this looks good to me. The only thing which could go wrong are these, I guess:

• Are you 100% sure that you checked the "gist" scope when creating the new access token?
  
• Are you sure that you added the token as secret to your repo and named it GIST_TOKEN?
  

If you are not entirely sure, maybe you can repeat the steps. Maybe, something went wrong while copy-pasting the secret...

from dynamic-badges-action.

Yup, I'm a derp-a-derp! face palm

Sorry for the false negative.

Thanks for this great github action!

from dynamic-badges-action.

Hi there! I fear that I can not suggest anything which you haven't tried already. I just tried it myself with the latest version and everything went well. Here are the steps I did:

• Create a public gist with some random content. You have to have a file in there indeed, but the name and the content does not matter. You can remove this initial data once the the action has run for the first time. I haven't tried it with a private gist but AFAIK, there is not much difference. Private gists are not listed on GitHub, but anyone with the URL can access them nonetheless.
• Add a new classic token for your user account with the gist scope. I haven't tried it with the fine-grained tokens.
• Copy the secret and store it as GIST_SECRET in the "Repository Secrets" of the repository where the action will run. Like this:
• In the workflow configuration, I used schneegans/[email protected]. The gistID should be something like 8cf45f23253ff09b21196e7271378763.

Is there something which you may have done differently?

from dynamic-badges-action.

I just realized I named my token GIST_SECRET on GitHub, but called it GIST_TOKEN in my workflow file. I'm rerunning the workflow now. If that was it, we can close this as a facepalm issue. One sec...

from dynamic-badges-action.

Hi @Schneegans, sorry for adding to this older issue. If you prefer, I can of course open a new one.

I have the same problem, that is described here, and I would like to ask for help.

Actually it worked before for me, but now I cannot get it to work again.

I tried the following:

• create secret and public gist, copy the id
• create a "classic" token with gist scope (ghp_...) and a new "fine-grained" token with only account gist permissions (github_pat_...) and add it to GIST_TOKEN
• use [email protected] and @v1.7.0

I cannot get past the:

1.6.0: Failed to get gist, response status code: 401, status message: Unauthorized
1.7.0: Failed to get gist: 401 Unauthorized

The article by Ned Batchelder says:

Go to https://gist.github.com and make an empty secret gist [...]

Can I do this wrong? It won't let me create a gist without contents (error: "Contents can't be empty").

I don't know what else to do, but to ask for help. Can I enable a verbose mode (could not find one) to investigate? What could I be doing wrong? Can I have some other settings in the repo, that prevent me from accessing the gist? Other actions work fine.

Any help would be appreciated.

PS: This is my code.

    - name: Generate coverage badge
      uses: schneegans/dynamic-badges-action@e9a478b16159b4d31420099ba146cdc50f134483 # v1.7.0
      with:
        # GIST_TOKEN is a GitHub personal access token with scope "gist".
        auth: ${{ secrets.GIST_TOKEN }}
        gistID: <my-gist-id>
        filename: coverage-badge.json
        label: Coverage
        namedLogo: python
        message: ${{ env.TOTAL_COV }}%
        minColorRange: 50
        maxColorRange: 90
        valColorRange: ${{ env.TOTAL_COV }}

from dynamic-badges-action.

Thank you very much for your quick and helpful answer. But I also need to 🤦.

I set up everything once again and got 401 again.

But then I found my mistake through GitHub Actions debugging. The secret never got to the action input. That is because in my new project I used reusable workflows: one main CI workflow, that calls the test workflow, which has the dynamic-badges-action as one of its jobs. I needed to add secrets: inherit to the main workflow to enable the test workflow to access secrets.GIST_TOKEN at all.

That has nothing to do with you action, so sorry for the confusion.

But for people reading this in the future. I can confirm the action (v1.7.0) works:

• with secret gists
• with fine grained personal tokens

Thanks again @Schneegans for this wonderful action.

from dynamic-badges-action.