Action does not trigger another on push tag action

Hello, I’m trying to trigger an action from another action.

I have an action which pushes to master and pushes a tag generated. It’s using a  PERSONAL_ACCESS_TOKEN which according to another tickets 1, 2, it should not prevent other actions from being triggered. 

That action should trigger my other action which is trigger by a tag push, but it’s not being triggered. It’s only triggered if I manually push the tag.

I’m using this to listen to a tag creation:

on:
  push:
    tags:
      - '*'
3 Likes

Thanks @woile , I can repro on my end, I will raise a ticket to track internally, will update once there is a response.

1 Like

I have a dummy repo in order to test that, maybe it’s useful: https://github.com/Woile/test-github-actions

Thanks a lot

Events raised from workflows using the GITHUB_TOKEN do not currently trigger other workflows.

https://help.github.com/en/actions/automating-your-workflow-with-github-actions/events-that-trigger-workflows#about-workflow-events

An action in a workflow run can’t trigger a new workflow run. For example, if an action pushes code using the repository’s GITHUB_TOKEN, a new workflow will not run even when the repository contains a workflow configured to run when push events occur.

Your workflow is pinned to actions/checkout@master which now has the v2 version of the actions.  Due to significant feedback we have updated v2 to persist the GITHUB_TOKEN credential to the repo config to make git operations like push just work.  Mostly likely that credential in the config is being preferred by git over the credential you are passing in the formatted url.

3 Likes

According to chrispat’s comment, i changed to use ‘actions/checkout@v1’ not master in first workflow. The 2nd workflow is triggered!

1 Like

  Mostly likely that credential in the config is being preferred by git over the credential you are passing in the formatted url.

is this expected behaviour for actions/checkout?

I was able to work around the issue by switching from ‘actions/checkout@v2’ to ‘actions/checkout@v1’.

When using ‘actions/checkout@v2’ with a personal access token (rather than secrets.GITHUB_TOKEN), the github UI shows my user (rather than ‘github-actions’ bot) performed the tag push, yet there was no ‘push’ repo event.

@v2 must be causing the push to use the cached GITHUB_TOKEN in some manner as discussed above, even though the personal access token is used to determine the user to display in the GUI

1 Like
steps:
            - uses: actions/checkout@v2
              with:
                  # NOTE @v2 uses the token as an auth http header. Set it to
                  # a Personal Access Token instead of secrets.GITHUB_TOKEN
                  # so that tag pushes trigger repo push events.
                  token: ${{ secrets.MY_PERSONAL_ACCESS_TOKEN }}

Here is a workaround if you want to use @v2. Create a personal access token in your repo and use it as the token parameter to the @v2 action.

actions/checkout@v2 sets an http auth header in .git/config to the provided token value, which defaults to secrets.GITHUB_TOKEN which raises no repo events. This auth header appears to be used by github services in a manner that determines whether or not to raise repo events, in spite of whether the git user is actually authenticated differently using the other usual methods.

https://github.com/actions/checkout/blob/f2190623701cfebaaf26554b39e1e29cc4a1f2fb/src/git-auth-helper.ts#L53

6 Likes