I am trying to work with github's REST API from within a github actions workflow. I'm more or less trying to do as per this example from github.
My workflow looks as below:
on:
workflow_call:
jobs:
my_job:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v3
- name: try querying REST API
run: |
curl --request GET \
--url https://api.github.com/orgs/MY_ORG/packages?package_type=container \
--header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \
--header 'accept: application/vnd.github+json' \
--fail
However, I get back response code 500. When I try the same request locally, using a PAT token rather than GITHUB_TOKEN, then the request is successful. I can't figure out why it won't respond in the same way to my request from inside the workflow.
Related
I am trying to trigger a workflow every time a commit is pushed to the repo. This little workflow adds a label to a jira ticket every time a commit is pushed. Whenever i would commit this workflow file and add a commit message, it would trigger the workflow but when i try it with other files in the repo it does absolutely nothing and I don't have a clue why. When i would also make changes to other workflow files it would also trigger this specific workflow.
I'm new to github actions so any help would be appreciated. Below is my full workflow. I have also tried with just "on: push:".
name: Update Jira with branch name
on:
push:
branches:
- '*'
jobs:
update_jira:
runs-on: ubuntu-latest
steps:
- name: Get branch name
run: echo "Branch name:${GITHUB_REF#refs/heads/}"
- name: Login
uses: atlassian/gajira-login#master
env:
JIRA_BASE_URL: x
JIRA_USER_EMAIL: y
JIRA_API_TOKEN: z
- name: Find in commit messages
uses: atlassian/gajira-find-issue-key#v3
with:
from: commits
- name: Update Jira with branch name
run: |
JIRA_URL=x
JIRA_USERNAME=y
JIRA_TOKEN=z
curl -X PUT -H "Authorization: Basic $(echo -n "$JIRA_USERNAME:$JIRA_TOKEN" | base64)" -H "Content-Type: application/json" -d "{\"fields\":{\"labels\":[\"${GITHUB_REF#refs/heads/}\"]}}" "$JIRA_URL/rest/api/latest/issue/$(cat /home/runner/jira/config.yml | grep "issue:" | awk '{print $2}')"
# Get the response code
response_code=$(curl -X PUT -H "Authorization: Basic $(echo -n "$JIRA_USERNAME:$JIRA_TOKEN" | base64)" -H "Content-Type: application/json" -d "{\"fields\":{\"labels\":[\"${GITHUB_REF#refs/heads/}\"]}}" "$JIRA_URL/rest/api/latest/issue/$(cat /home/runner/jira/config.yml | grep "issue:" | awk '{print $2}')" -s -o /dev/null -w "%{http_code}")
# Print the response code
echo "Response code: $response_code"
The workflow only runs with this 'on: push' setup if the workflow is stored on that branch. Check if the workflow exists on those other branches as well, and add it if missing.
I'm trying to deploy a file via bash to an external endpoint using github actions.
This file is located up two directories from where the action exists. Locally I can get to it using the path ../../src/indexer/templates/library.json. I've tried using the workspace as a root but the file is never actually set to the json variable. Current step:
- name: Deploy template to cluster
run: |
json="<${{GITHUB_WORKSPACE}}/src/indexer/templates/library.json"
echo "deploying template to cluster ${{ inputs.environment }}"
curl -X PUT \
-H 'Content-Type: application/json' \
-u "${{ steps.secrets.outputs.USERNAME }}:${{ steps.secrets.outputs.PASSWORD }}" \
-d '$json' \
"${{ secrets.CLUSTER_URL }}";
Is there some syntax I'm missing here, or is there a better way to do this in a separate step?
try the working-directory keyword to change to the directory before running your command
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
- name: Clean temp directory
run: rm -rf *
working-directory: ./temp
so right now I have:
gh api --method POST -H "Accept: application/vnd.github+json" /repos/${{ github.repository }}/actions/workflows/30721645/dispatches -F run_id=${{ github.run_id }}
my workflow_dispatch event takes run_id as input, but the problem is that I get invalid_key for this request, how do I properly pass in the run_id to gh api?
It is a bit more tricky as you have to pass a JSON to gh api and you also need to pass a ref.
This should work:
jq -n '{"ref":"main","inputs":{"run_id":"${{github.run_id}}"}}' | gh api -H "Accept: application/vnd.github+json" --method POST /repos/${{ github.repository }}/actions/workflows/30721645/dispatches --input -
If you don't have any inputs to pass in and are just running the workflow, you can use:
gh api /repos/joshjohanning-org/bash-testing/actions/workflows # get id
gh api -X POST /repos/joshjohanning-org/bash-testing/actions/workflows/19595110/dispatches -f ref='main'
Otherwise if you want inputs, you can use (similar to #Grzegorz Krukowski above):
gh api -X POST /repos/joshjohanning-org/bash-testing/actions/workflows/19595110/dispatches \
--input - <<< '{"ref":"main","inputs":{"message":"all"}}'
Or use gh workflow run:
gh workflow run -R joshjohanning-org/bash-testing blank.yml
echo '{"name":"scully", "greeting":"hello"}' | gh workflow run -R joshjohanning-org/bash-testing blank.yml --json
I'm trying to trigger a workflow event in Github.
for some reason, I'm able to GET information about my organization repository workflow but can not use '/dispatches'
Work is based on: https://docs.github.com/en/rest/actions/workflows#create-a-workflow-dispatch-event
Here is the curl code:
curl -X POST \
-H "Accept:application/vnd.github.v3+json" \
-H 'Authorization:token ${{ github.token }}' \
'https://api.github.com/repos/[owner/org]/[repo]/actions/workflows/9999999/dispatches' \
-d '{"event_type":"semantic-release"}'
Getting error:
422 Unprocessable Entity
"message": "Invalid request.\n\nFor 'links/0/schema', nil is not an object.",
"documentation_url": "https://docs.github.com/rest/reference/repos#create-a-repository-dispatch-event"
Am I missing some basic information for this to work and trigger an event?
Instead of trying to call the GitHub API directly, try and use the GitHub CLI gh (that you can install first to test locally).
You can also use GitHub CLI in workflows.
GitHub CLI is preinstalled on all GitHub-hosted runners.
For each step that uses GitHub CLI, you must set an environment variable called GITHUB_TOKEN to a token with the required scopes
It has a gh workflow run, which does create a workflow_dispatch event for a given workflow.
Authenticates first (gh auth login, if you are doing a local test):
# authenticate against github.com by reading the token from a file
$ gh auth login --with-token < mytoken.txt
Examples:
# Run the workflow file 'triage.yml' at the remote's default branch
$ gh workflow run triage.yml
# Run the workflow file 'triage.yml' at a specified ref
$ gh workflow run triage.yml --ref my-branch
# Run the workflow file 'triage.yml' with command line inputs
$ gh workflow run triage.yml -f name=scully -f greeting=hello
# Run the workflow file 'triage.yml' with JSON via standard input
$ echo '{"name":"scully", "greeting":"hello"}' | gh workflow run triage.yml --json
In your case (GitHub Action):
jobs:
push:
runs-on: ubuntu-latest
steps:
- run: gh workflow run triage.yml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
As explained by hanayama in the comments:
Found out the secrets. GITHUB_TOKEN doesn't work, even with permissions edited for the entire workflow.
Using a personal access token worked.
I'm attempting to create an Action that automatically adds a merged PR to a project so the PR can be reviewed for documentation needs. The key here is that the PR should be added to the project after it's been merged into main. From what I can tell, Github Actions don't work directly with merged PRs for the pull_request webhook.
Has anybody managed to do this or have any tips? My initial thought is to do something like:
name: Add-Merged-PRs
# Run this workflow every time a PR is merged into the main branch
on: push
branches:
- main
jobs:
# Take the PR that was merged and add it to a specified project.
You can use the pull_request event and narrow it down to "has been closed" and "was merged" using the types and branches properties of pull_request, then check in the github.event.pull_request context that the merged property is true.
All together, for a project named "Test" and a column "Merged PRs", using the GitHub CLI to make API calls, a workflow might look like this:
name: Add merged PRs to project
# When a PR into main is closed or merged
on:
pull_request:
types:
- closed
branches:
- main
jobs:
addpr:
name: Add PR to project
# PR must must be merged, not closed
if: github.event.pull_request.merged
runs-on: ubuntu-20.04
steps:
- name: Add PR to project board
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
projectid=$(gh api "repos/${{ github.repository }}/projects" \
-H "Accept: application/vnd.github.inertia-preview+json" \
| jq '.[] | select(.name == "Test").id')
columnid=$(gh api "projects/$projectid/columns" \
-H "Accept: application/vnd.github.inertia-preview+json" \
| jq '.[] | select(.name == "Merged PRs").id')
gh api "projects/columns/$columnid/cards" \
-H "Accept: application/vnd.github.inertia-preview+json" \
-F "content_type=PullRequest" \
-F "content_id=${{ github.event.pull_request.id }}"
For reference and to see how "closed with unmerged commits" and "properly merged" are told apart, see the docs for the pull_request payload object.