github-push-action
github-push-action copied to clipboard
ad-m
Commit does not belong to any branch
Pushing to a protected branch from within GitHub actions succeeded but the commit is marked as not belonging to any branch.
I have the following workflow:
runs-on: ubuntu-latest
steps:
- uses: actions/[email protected]
with:
fetch-depth: 0
token: ${{ secrets.GITHUB_TOKEN }}
...
- name: Setup git
run: |
git config --local user.email "github-actions[bot]@users.noreply.github.com"
git config --local user.name "github-actions[bot]"
- name: Versionize Release
id: versionize
run: versionize --changelog-all --exit-insignificant-commits
continue-on-error: true
- name: Push changes to GitHub
if: steps.versionize.outcome == 'success'
uses: ad-m/[email protected]
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
branch: ${{ github.ref }}
tags: true
force_with_lease: true
If I remove branch protection and remove force_with_lease: true it seems to work fine.
Here are the outcomes of the actions. This log from the action with no branch protection and removed force_with_lease:
Run ad-m/[email protected]
with:
github_token: ***
branch: refs/heads/main
tags: true
github_url: https://github.com
directory: .
env:
DOTNET_ROOT: /usr/share/dotnet
Push to branch refs/heads/main
To https://github.com/my/repo.git
d7f4784..2187bf9 HEAD -> main
* [new tag] v1.1.1 -> v1.1.1
If the branch is protected and force_with_lease: true is added the logs are:
Run ad-m/[email protected]
with:
github_token: ***
branch: refs/heads/main
tags: true
force_with_lease: true
github_url: https://github.com
directory: .
env:
DOTNET_ROOT: /usr/share/dotnet
Push to branch refs/heads/main
To https://github.com/my/repo
* [new tag] v1.1.5 -> v1.1.5
So the .git is missing from To https://github.com/my/repo and there is no range of commits d7f4784..2187bf9 HEAD -> main.
So when I open the release log, I see that commit is there:
But when I open it I see the following:
Hi @eng1n88r, I'll set up a debug case on my side. Could you please share the corresponding protection rules and the repository? It seams not, that you you using an PAT to bypass the branch protection rules, right?
I tried with both GITHUB_TOKEN and PAT (following these instructions). And it behaves the same. In the example above I used the GH token, which is set to have read and write permissions on the Organization level.
Unfortunately, I could not share the repo I was working with, but I will try to create a new one as soon as I return.
Regarding, the branch protection rules I have the following checked:
- Require a pull request before merging
- Require status checks to pass before merging
- Require branches to be up to date before merging
- Require conversation resolution before merging
@eng1n88r Thank you for sharing your setup. That sounds like a scenario where you need a PAT. Otherwise, you can't push back to the protected branch, because only admin users or special tokens can bypass the protection rules. I'll set up a dummy repository on my side and I'll try to further debug it. FYI: I've got the feeling the issue is related to this line. If you want to continue troubleshooting, it would be helpful to try out the behavior with the force parameter.
@ZPascal Here is the public repo I created and reproduced the issue with GITHUB_TOKEN. Will try PAT in a few and force attribute and will let you know.