Action permission issues

tps · March 1, 2024, 6:00pm

Hi all,
I’m fighting this issue for a week now (new to gitea).
We have an in-house gitea instance running for a manage project git repository. Everything works as expected, after getting all the Windows users familiar with ssh keys. We have all repositories set as private, as we don’t want the whole company having access to the code as we develop it.

We have one repository that is common code elements for our UI, which is used across multiple internal projects. We want a push to run the action : checkout the repository, then pull the common UI into another path, then build. The first part works, as it should, but no matter what I do, I can NOT get to the second repository, usually as a “permission denied”. I can do all this from the command line, so I’m missing something important.

I can’t seem to figure out if I need tokens (can’t seem to get them to make a difference), ssh-key (no difference), deploy key (not sure how they really work), or something else.

(Edit) Trying to use a PAT gives me the dreaded “::error::Input required and not supplied: token” . Seems like no one get’s past that.

Help? There are no real examples I can find, so here I am.

Dynames · March 3, 2024, 4:03am

It might help to see the actions/checkout step in your pipeline config.
Just to clarify you have tried the action’s options ssh-key and token?

tps · March 4, 2024, 6:34pm

Yes, I get user permission denied with ssh-key and input required and not supplied with the token

on:
push:
branches:
- main
container:
volumes:
- /data/files:/data/files:rw
jobs:
build:
runs-on: ubuntu-22.04

steps:
- name: Checkout repository
env:
GIT_SSL_NO_VERIFY: true
uses: actions/checkout@v4
``
- name: Checkout bla-ui repository
env:
GIT_SSL_NO_VERIFY: true
uses: actions/checkout@v4
with:
repository: bla/bla-ui
token: ${{ secrets.TPSRO }}
#ssh-key: ${{ secrets.DEPLOY_PRIVATE }}
path: src/bla-ui
ref: main

amans · March 22, 2024, 1:37pm

A few things to check:

user permission denied - This usually means the SSH key you are trying to use does not have permission to access the other repository. Make sure the private key is configured correctly on the Gitea deployment keys/access for the target repository.

input required and not supplied with the token - For a private repository, you need to provide both an SSH key and personal access token. The token alone is not enough.

Suggestions:

Make sure the SSH private key secret is configured correctly in your workflow

Double check the key matches what is configured as a deployment key for the target repository

Try adding both the SSH key secret and a personal access token secret:

with:
  repository: bla/bla-ui
  ssh-key: ${{ secrets.DEPLOY_PRIVATE_KEY }} 
  token: ${{ secrets.GITEA_TOKEN }}

Make sure the target repository has enabled deploy keys or the personal access token has sufficient permissions

Try cloning the repo directly with git instead of using actions/checkout to narrow down where the issue is.

You likely need to configure both the SSH key and a token, and ensure the key has permissions on the target repo

Topic		Replies	Views
Tutorial for gitea actions Actions	0	1141	August 9, 2023
SSH with Actions Actions	1	1434	May 15, 2023
Using Docker images from private repository to run actions in Actions	8	1032	February 22, 2024
Error on launching Gitea Actions job with "uses" Actions	1	1224	June 8, 2023
Cannot checkout a repository hosted on a gitea instance using self-signed certificate (`server certificate verification failed`) Actions	2	1543	October 3, 2023

Action permission issues

Related Topics