Push from workflow not doesn't trigger on.push.tags workflow

robtayl0r · December 11, 2020, 4:39pm

I have a workflow that triggers on push branches:

    steps:
      - uses: actions/checkout@v2
      - uses: <some simple git tag action>
      - name: Push Version Update
        run: git push origin --follow-tags

Now the job is successful, the push tag step is successful, and I see the tag in the remote repository. However, a subsequent workflow to publish does not get triggered:

on:
  push:
    tags: ['v*']

If I manually create a tag and push it to the remote, the on.tags workflow will trigger.

I believe this is related to some internal Actions mechanism as to avoid workflow infinite loops. I realize I could be butchering the adoption of Actions with this approach. any ideas or suggestions as to how to properly adopt this type of workflow using Actions, where one workflow creates a tag and pushes it back to its repository, which can then be observed and trigger another flow?

airtower-luna · December 14, 2020, 5:28am

By default, actions/checkout configures GITHUB_TOKEN for authentication. The problem is that events caused by GITHUB_TOKEN cannot trigger new workflows as described in Using the GITHUB_TOKEN in a workflow:

When you use the repository’s GITHUB_TOKEN to perform tasks on behalf of the GitHub Actions app, events triggered by the GITHUB_TOKEN will not create a new workflow run.

If you want the push to create new workflow runs you need to use a PAT instead. After adding it as a secret you can do something like this to use it instead of GITHUB_TOKEN:

- uses: actions/checkout@v2
  with:
    token: ${{ secrets.PAT }}

robtayl0r · December 14, 2020, 5:28am

Thanks for the reply. It seems inappropriate for a CI job to use a PAT. If I leave the organization, the workflow will just start failing.

I guess I’ll try to figure out another way to trigger or just combine the workflows.