-
I’m working on a workflow with a fairly long build and I’m seeing failures in code designed to interact with the PR (adding a comment with a link to the build result) at the end of the build. I’m running the workflow on Mac and PC and both flows use the same python script set up with the same environment variables in order to upload the build to S3 and then post a comment on the PR. The Mac build takes about a half hour and completes fine. The PC build takes about 1 hour and 15 minutes before it runs the script at which point the script throws an exception: 401 {“message”: “Bad credentials”, “documentation_url”: “https://developer.github.com/v3”} If I alter the build so it skips some of the longer duration components (and thus completes in less than an hour) it runs fine. So I’m guessing that the token created for the workflow only has a lifetime of about an hour? Github workflows are allowed to run for up to 6 hours though, so it seems like the token lifetime should be at least that long. |
Beta Was this translation helpful? Give feedback.
Replies: 4 comments
-
Indeed, the token expires after 1 hour. From https://help.github.com/en/actions/automating-your-workflow-with-github-actions/authenticating-with-the-github_token: “The GITHUB_TOKEN secret is a GitHub App installation access token.” and “The installation access token expires after 60 minutes.” |
Beta Was this translation helpful? Give feedback.
-
So it expires at an hour, is there any workaround for this? I too want a long-ish running task to then comment or create an issue, but I’m getting the 401 error. What options do I have? |
Beta Was this translation helpful? Give feedback.
-
Only workaround I found is to create personal access token, add it to secrets (say,
But this is suboptimal, since it actions would be from your name, not from name of the bot. |
Beta Was this translation helpful? Give feedback.
-
mikedombo:
@mikedombo - That’s a great question. I think it’s worth mentioning that the Authenticating with the GITHUB_TOKEN: About the GITHUB_TOKEN secret article recently updated with this note:
Given this documented behavior, you could create a workflow with many jobs, where each job cites the |
Beta Was this translation helpful? Give feedback.
Indeed, the token expires after 1 hour. From https://help.github.com/en/actions/automating-your-workflow-with-github-actions/authenticating-with-the-github_token:
“The GITHUB_TOKEN secret is a GitHub App installation access token.”
and
“The installation access token expires after 60 minutes.”