actions
Missing download info for actions/checkout@v4
Hi, my GHA pipeline started to fail on step that uses tenhaus/get-release-or-tag@v2 action.
The same error happens on checkout@v4, checkout@v3 and [email protected].
GHA job that fails when I try to use this action:
build-docker-acr-new:
runs-on: [ self-hosted, linux, cicdframework ]
needs: [unit-tests]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Login to ACR
uses: docker/login-action@v3
with:
registry: ${{ vars.ACR_REGISTRY_NEW }}
username: ${{ secrets.ACR_USERNAME_NEW }}
password: ${{ secrets.ACR_TOKEN_NEW }}
- name: Get TAG or SHA
uses: procter-gamble/get-release-or-tag-github-actions@v2
id: tag
- name: Build and push
id: docker_build
uses: docker/build-push-action@v6
with:
context: ./
file: ./Dockerfile
push: true
tags: ${{ vars.ACR_REGISTRY_NEW }}/spyglass-kpimanager-api:${{ steps.tag.outputs.tag }}
- name: Image Hash
run: echo ${{ steps.tag.outputs.tag }}
We're also suddenly seeing this with actions/checkout@v4 (and other tags) - we even see this with our own reusable actions in our enterprise orgs. I notice you're using self-hosted - as are we - but I can confirm this issue is also present with github's own ubuntu-latest.
My config is similar, but seeing the same issues:
Current runner version: '2.324.0'
Runner Image Provisioner
Operating System
Runner Image
GITHUB_TOKEN Permissions
Secret source: Actions
Prepare workflow directory
Prepare all required actions
Getting action download info
Error: Missing download info for actions/[email protected].[2](https://github.com/athieme/wmsx-api/actions/runs/15337176405/job/43156521575#step:1:2)
and my config is this:
name: CI + Test Report + Coverage
on:
push:
branches: [ main ]
pull_request:
jobs:
test:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [ 18.x ]
steps:
- name: Checkout repository
uses: actions/[email protected]
- name: Set up Node.js
uses: actions/[email protected]
with:
node-version: ${{ matrix.node-version }}
- name: Install dependencies
run: npm ci
- name: Run tests with coverage
run: |
mkdir -p test-results
npm run test:ci || true # Continue even if tests fail so reports can still be published
- name: Upload test results
uses: actions/[email protected]
with:
name: mocha-test-results
path: test-results
- name: Publish test results to GitHub PR
uses: dorny/[email protected]
if: always()
with:
name: Mocha Tests
path: test-results/junit.xml
reporter: jest-junit
fail-on-error: true
- name: Upload coverage to Codecov
uses: codecov/[email protected]
with:
token: ${{ secrets.CODECOV_TOKEN }}
Here's my config that got things working. Maybe it wasnt a bug at all or maybe it was just using tagged (and not release versions, I am not sure):
name: CI + Test Report + Coverage
env:
ACTIONS_STEP_DEBUG: true
ACTIONS_RUNNER_DEBUG: true
on:
push:
branches: [ main ]
pull_request:
jobs:
test:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [ 18.x ]
steps:
- name: Checkout repository
uses: actions/[email protected]
- name: Set up Node.js
uses: actions/[email protected]
with:
node-version: ${{ matrix.node-version }}
- name: Install dependencies
run: npm ci
- name: Run tests with coverage
run: |
mkdir -p test-results
npm run test:ci || true # Continue even if tests fail so reports can still be published
- name: Upload test results
uses: actions/[email protected]
with:
name: mocha-test-results
path: test-results
- name: Publish test results to GitHub PR
uses: dorny/[email protected]
if: always()
with:
name: Mocha Tests
path: test-results/junit.xml
reporter: jest-junit
fail-on-error: true
- name: Upload coverage to Codecov
uses: codecov/[email protected]
with:
token: ${{ secrets.CODECOV_TOKEN }}
We're also suddenly seeing this with
actions/checkout@v4(and other tags) - we even see this with our own reusable actions in our enterprise orgs. I notice you're usingself-hosted- as are we - but I can confirm this issue is also present with github's ownubuntu-latest.
We finally managed to resolve this in our GH Enterprise Cloud setup, and this is what we found:
- We are using reusable workflows from a discrete Org, of which contains repos containing the actual actions/workflows. In each repo, there's a separate actions permissioning option: Repo
Settings->Actions->General->Access:
- Only
Privateactions repos were callable from ourPrivatedownstream repos -Internaldid not work.
Side Note If you are using SSO, and you update a PAT's perms for, say, the service account running your workflow, you'll need to re-auth that PAT against the SSO-enabled Orgs again (via the Configure SSO drop-down button in the PAT dialog)! This also goes for SSH keys - they need to be individually auth'd (these issues may or may not have added to the overall issue, but leaving them here to spare others the couple of days it took to debug this).
This has just started happening for me yesterday. I've tried various version of the checkout action via both tags and sha ref, but the error persists. In my case, it only happens on some jobs, and always the same jobs, but all jobs are running the exact same checkout action, i.e.
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
I'm basically blocked now by this issue. We will be escalating this directly via Github support.
This same error started happening for us last week with actions/setup-java@v4.
Here's my config that got things working. Maybe it wasnt a bug at all or maybe it was just using tagged (and not release versions, I am not sure):
name: CI + Test Report + Coverage env: ACTIONS_STEP_DEBUG: true ACTIONS_RUNNER_DEBUG: true on: push: branches: [ main ] pull_request: jobs: test: runs-on: ubuntu-latest strategy: matrix: node-version: [ 18.x ] steps: - name: Checkout repository uses: actions/[email protected] - name: Set up Node.js uses: actions/[email protected] with: node-version: ${{ matrix.node-version }} - name: Install dependencies run: npm ci - name: Run tests with coverage run: | mkdir -p test-results npm run test:ci || true # Continue even if tests fail so reports can still be published - name: Upload test results uses: actions/[email protected] with: name: mocha-test-results path: test-results - name: Publish test results to GitHub PR uses: dorny/[email protected] if: always() with: name: Mocha Tests path: test-results/junit.xml reporter: jest-junit fail-on-error: true - name: Upload coverage to Codecov uses: codecov/[email protected] with: token: ${{ secrets.CODECOV_TOKEN }}
Looks like you used a wrong version of checkout: actions/[email protected] doesn't exist.
We were seeing this error in our GitHub Actions workflow:
Error: Missing download info for actions/checkout@v4
At first it looked like a GitHub bug or Enterprise policy issue โ the workflow had been stable for months. We tried downgrading actions/checkout to @v3, checked permissions, runner setup, enterprise/org policies, even tried new branches โ nothing helped.
๐ How I found the issue
To isolate the problem, I created a minimal YAML workflow that only did a checkout:
name: Simple Checkout Test
permissions:
contents: read
env:
ACTIONS_STEP_DEBUG: true
ACTIONS_RUNNER_DEBUG: true
on:
pull_request:
jobs:
checkout-test:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
โ That worked โ so I started adding steps back one by one from the original file.
โ Root cause The workflow broke as soon as I re-added this step:
- uses: isbang/[email protected]
with:
compose-file: "./docker-compose.ci.yml"
Even though this step comes after checkout, GitHub fetches metadata for all actions upfront. If one of them is broken (deleted, private, bad metadata), the whole workflow fails โ even at the checkout step.
โ Solution I replaced the action with the built-in Docker Compose CLI:
- name: Start services
run: docker compose -f ./docker-compose.ci.yml up -d
Takeaway: If you're hitting "Missing download info for actions/checkout@v4", try testing with a stripped-down workflow. A broken third-party action anywhere can silently block resolution of even official ones.
Hope this saves someone else a few hours! ๐งโจ
This is such a misleading error, the actual error is related to downloading internal action files. Somehow github's db got corrupt, and lot of the repos settings got reverted to "not accessible". And the saddest part is, the error info is so misleading, it has nothing to do with the actions/checkout@v4.
@miversen probably your repo: sbang/compose-action , Action Access settings reverted back to "Not Acccessible"
Wow. I've just done some testing based on this info, and it is indeed correct. The error message is total trash.
Thanks @miversen (and @arafatkhan-optimizely). At least now I know what's happening and can figure out a workaround.