New tag does not trigger an event

I would like to trigger a new action after creating a new tag in a PR close & merge action:

So, step 1: PR close & merge that creates a tag and pushes it to master successfully:

on:
  pull_request:
    branches: [ master ]
    types: [closed]

jobs:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2  
      with:
        fetch-depth: 0
  ...

    - name: Git Tag
      if: github.event.pull_request.merged == true
      run: |
        git tag ${VERSION} ${GITHUB_SHA}
        git push --tags origin master

Step 2 (version a): When a new tag is pushed, initiate an event

on:
  push:
    tags:
    - '*'

Step 2 (version b): When a new tag is created, initiate an event

on:
  create:
    tags:

Even though I have tried both approaches an event is not triggered. Please help.

Note: When I do manually git tag and git push --tags (not using GitHub Actions), an event (mentioned in Step 2) is triggered.

Hi @ivanovaleksandar,

Glad to see you in Github Community Forum!

This is due to events triggered by the GITHUB_TOKEN will not create a new workflow run. It’s mentioned in the official doc here.

‘actions/checkout’ will persist GITHUB_TOKEN for latter git operations, hence the tag is pushed with GITHUB_TOKEN. You can add “persist-crendetials: false” to avoid this.

    - uses: actions/checkout@v2  
      with:
        fetch-depth: 0
        persist-credentials: false

You can create a secret wih Personal Access Token and use it to push a tag.

I tried to use rest api to create a tag, code sample as below, it use PAT and can trigger workflow.

     - name: push git tag
       run: |
         curl -s -X POST https://api.github.com/repos/${{ github.repository }}/git/refs \
           -H "Authorization: token ${{ secrets.PAT1 }}" \
           -d '{ "ref": "refs/tags/v3.0.4", "sha": "shavalue" }'

Thanks

@weide-zhou thanks for the reply, but whenever I try to do this with the rest api call that you suggested, I am faced with this (even though I used a PAT from an admin user with all scopes enabled):

{
  "message": "Not Found",
  "documentation_url": "https://developer.github.com/v3/git/tags/#create-a-tag-object"
}

What am I missing here?

Hi @ivanovaleksandar,

Thanks for your reply! What’s your code? Is there any typo?

My workflow for your reference:
push tag: https://github.com/weide-zhou/ticket13/runs/844947896?check_suite_focus=true#step:3:45
2nd workflow triggered: https://github.com/weide-zhou/ticket13/runs/844948714?check_suite_focus=true

It’s just a sample code which use PAT token, you can change it with your case.

Thanks

Thank you @weide-zhou !

There were permissions missing for the call.