Allow run cmd to clone private repo

I’m tryng out Github actions to build buld our many repositories created for PlatformIO IoT development.
Many of our repo’s have dependencies on other private repos, and those dependent repo’s are cloned as part of the platformIO build process.

So my action contains a run statement that will try to clone other private repo’s but this isnt working.
The clone action ends in a fatal error:

git version 2.31.1
(https: //github. com/ I-Connect/csMainV5/runs/2385097024?check_suite_focus=true#step:7:125)Cloning into ‘/home/runner/work/csMainV5/csMainV5/.pio/.cache/tmp/pkg-installing-ojc7shvw’…
(https://github. com/I-Connect/csMainV5/runs/2385097024?check_suite_focus=true#step:7:126)fatal: could not read Username for ‘https:// github. com/)’: No such device or address

I’ve tried the suggestion with an AccesToken on my account, and added it to the repo being build but that doesnt seem to work.

How can I get this to work?

name: PlatformIO CI
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
      with:
        token: ${{ secrets.ACCESS_TOKEN }}

    - name: Cache pip
      uses: actions/cache@v2
      with:
        path: ~/.cache/pip
        key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
        restore-keys: |
          ${{ runner.os }}-pip-

    - name: Cache PlatformIO
      uses: actions/cache@v2
      with:
        path: ~/.platformio
        key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }}

    - name: Set up Python
      uses: actions/setup-python@v2
    - name: Install PlatformIO
      run: |
        python -m pip install --upgrade pip
        pip install --upgrade gitpython
        pip install --upgrade platformio

    - name: Run PlatformIO
      run: pio run -e debug -e release

actions/checkout configures the token only for the local repository, not for any the build might be retrieving. The easiest approach would probably be to copy the http.https://github.com/.extraheader setting from the repository to the user level config. Make sure to delete it again after checking out what you need!

Thank you for your reply. I don’t quite understand what you mean with the http.https://github.com/.extraheader setting but I’m not sure something like that will work…

The project that is being build has a config file stating its dependencies and that is used by the build process (pio run ...) to clone the necessary repositories. I don’t want to repeat those dependencies in the action script.

I’m just reading about adding a access-token to the repo url … As the dependencies are specified as git urls, it might work if I add an access token there. Will try that tonight … hmm but that would mean having explicit credentials in my source code - don’t want that

If you look at the log of a workflow using actions/checkout you can see something like this:

The last command in that list adds an Authorization header to HTTPS requests to github.com, with a value based on the token, for the local repository (--local). You could use a similar approach to set up authorization before you fetch the other repositories, probably at the user level.

I tried copying from local to global but that didnt go very well, then I found this:

It’s exactly what I needed