gitea/act_runner
61
107
Fork 79
Code Issues 139 Pull Requests 9 Actions Releases 21 Activity

ACTIONS_RUNTIME_TOKEN issues in docker/build-push-action@v5 #459

New Issue
Closed
opened 2024-01-08 13:08:28 +00:00 by barzog · 3 comments
barzog commented 2024-01-08 13:08:28 +00:00
Copy Link

It seems that issue mentioned in #396 is still not resolved:

- name: Push local image
        uses: docker/build-push-action@v5
        with:
          context: .
          tags: |
            <some tag>
          cache-from: type=gha
          cache-to: type=gha,mode=max
          load: true

It fails with:

::group::GitHub Actions runtime token ACs
::warning::Cannot parse GitHub Actions Runtime Token: Invalid token specified: missing part #2
::endgroup::
...
[command]/usr/bin/docker buildx build --cache-from type=gha --cache-to type=gha,mode=max --iidfile /tmp/docker-actions-toolkit-LOwump/iidfile --tag <some tag> --load --metadata-file /tmp/docker-actions-toolkit-LOwump/metadata-file .
ERROR: failed to solve: failed to configure gha cache exporter: token contains an invalid number of segments
::error::buildx failed with: ERROR: failed to solve: failed to configure gha cache exporter: token contains an invalid number of segments

When using empty ACTION_RUNTIME_TOKEN in environment vars - cache is not used:

::group::GitHub Actions runtime token ACs
::warning::ACTIONS_RUNTIME_TOKEN not set
::endgroup::
...
[command]/usr/bin/docker buildx build --cache-from type=gha --cache-to type=gha,mode=max --iidfile /tmp/docker-actions-toolkit-2BEOrN/iidfile --tag <some tag> --load --metadata-file /tmp/docker-actions-toolkit-2BEOrN/metadata-file .

As stated here: #119 (comment) - this token is not a JWT, but a simple string.
Is it possible to convert it to JWT?

It seems that issue mentioned in https://gitea.com/gitea/act_runner/pulls/396 is still not resolved: ``` - name: Push local image uses: docker/build-push-action@v5 with: context: . tags: | <some tag> cache-from: type=gha cache-to: type=gha,mode=max load: true ``` It fails with: ``` ::group::GitHub Actions runtime token ACs ::warning::Cannot parse GitHub Actions Runtime Token: Invalid token specified: missing part #2 ::endgroup:: ... [command]/usr/bin/docker buildx build --cache-from type=gha --cache-to type=gha,mode=max --iidfile /tmp/docker-actions-toolkit-LOwump/iidfile --tag <some tag> --load --metadata-file /tmp/docker-actions-toolkit-LOwump/metadata-file . ERROR: failed to solve: failed to configure gha cache exporter: token contains an invalid number of segments ::error::buildx failed with: ERROR: failed to solve: failed to configure gha cache exporter: token contains an invalid number of segments ``` When using empty ACTION_RUNTIME_TOKEN in environment vars - cache is not used: ``` ::group::GitHub Actions runtime token ACs ::warning::ACTIONS_RUNTIME_TOKEN not set ::endgroup:: ... [command]/usr/bin/docker buildx build --cache-from type=gha --cache-to type=gha,mode=max --iidfile /tmp/docker-actions-toolkit-2BEOrN/iidfile --tag <some tag> --load --metadata-file /tmp/docker-actions-toolkit-2BEOrN/metadata-file . ``` As stated here: https://gitea.com/gitea/act_runner/issues/119#issuecomment-738294 - this token is not a JWT, but a simple string. Is it possible to convert it to JWT?
ChristopherHX commented 2024-01-08 16:45:39 +00:00
Contributor
Copy Link

I also hope Gitea migrates to use JWT tokens here, because actions/upload-artifact@v4 and actions/download-artifact@v4 will require them once the GHES / Gitea is no longer blocked behind a github.com flag.

See here: https://github.com/nektos/act/issues/2135

I believe this would require changes to the artifacts backend on the Gitea Server side

this token is not a JWT, but a simple string.

I think it currently has the same format as a PAT token, with a restricted livetime.

I also hope Gitea migrates to use JWT tokens here, because `actions/upload-artifact@v4` and `actions/download-artifact@v4` will require them once the GHES / Gitea is no longer blocked behind a github.com flag. See here: <https://github.com/nektos/act/issues/2135> _I believe this would require changes to the artifacts backend on the Gitea Server side_ > this token is not a JWT, but a simple string. I think it currently has the same format as a PAT token, with a restricted livetime.
lng2020 commented 2024-01-12 16:47:09 +00:00
Member
Copy Link

It's not resolved completely. But the PR you referenced is doing right.
Before that fix, the build-push-action will exit as an error, thus the action will exit incompletely. After that, it will show a warning and continue to work. It will lose some functionality(like the cache you mentioned). However the workflow file of this repo only needs to upload the image to the docker hub, so the workaround can be removed. That fix is about turning an error into a warning and your issue is about a warning affecting some functionality.

I also hope Gitea migrates to use JWT tokens here

Agreed. Otherwise, some of the actions cannot be reused in Gitea Actions.

It's not resolved completely. But the PR you referenced is doing right. Before that fix, the `build-push-action` will exit as an error, thus the action will exit incompletely. After that, it will show a warning and continue to work. It will lose some functionality(like the `cache` you mentioned). However the workflow file of this repo only needs to upload the image to the docker hub, so the workaround can be removed. That fix is about turning an error into a warning and your issue is about a warning affecting some functionality. > I also hope Gitea migrates to use JWT tokens here Agreed. Otherwise, some of the actions cannot be reused in Gitea Actions.
lunny closed this issue 2024-02-08 02:43:40 +00:00
ChristopherHX commented 2024-03-04 15:11:54 +00:00
Contributor
Copy Link

I'm still working on this issue...

Current work is done here https://github.com/go-gitea/gitea/pull/29584

I'm still working on this issue... Current work is done here https://github.com/go-gitea/gitea/pull/29584
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
renovate/github.com-nektos-act-0.x
renovate/alpine-3.x
renovate/actions-setup-go-5.x
renovate/golang.org-x-term-0.x
v0.2.10
v0.2.9
v0.2.8
v0.2.7
v0.2.6
v0.2.5
v0.2.4
v0.2.3
v0.2.2
v0.2.1
v0.2.0
v0.1.8
v0.1.7
v0.1.6
v0.1.5
v0.1.4
v0.1.3
v0.1.2
v0.1.1
v0.1.0
v0.0.1
Labels
Clear labels   
kind
bug
Something is not working

  
kind
build

  
kind/compatible
  
kind
dependencies

  
kind
docs

  
kind
enhancement
New feature

  
kind
feature

  
kind
help wanted
Need some help

  
kind
proposal

  
kind
refactor

  
related
act
Related to act.

  
related
environment
Related to the environment.

  
related
exec

  
related
gitea
Related to Gitea.

  
related
workflow
Related to the workflow file or actions scripts.

  
reviewed
confirmed
confirmed issue

  
reviewed
duplicate
This issue or pull request already exists

  
reviewed
invalid
Something is wrong

  
reviewed
needs feedback

  
reviewed
wontfix
This won't be fixed

  
reviewed
workaround

No Label
kind
bug
kind
build
kind/compatible
kind
dependencies
kind
docs
kind
enhancement
kind
feature
kind
help wanted
kind
proposal
kind
refactor
related
act
related
environment
related
exec
related
gitea
related
workflow
reviewed
confirmed
reviewed
duplicate
reviewed
invalid
reviewed
needs feedback
reviewed
wontfix
reviewed
workaround
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
3 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: gitea/act_runner#459
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?