Error: Input required and not supplied: github-token

[marckohlbrugge]

Any ideas why I might getting the following error?

Error: Input required and not supplied: github-token

I've followed the README example and set the github-token. My automerge.yml looks like this:

name: automerge

on:
  pull_request:

jobs:
  auto-merge:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: ahmadnassri/action-dependabot-auto-merge@v2
        with:
          target: minor
          github-token: ${{ secrets.AUTOMERGE_GITHUB_TOKEN }}

The repo has a secret called AUTOMERGE_GITHUB_TOKEN with a Personal Access Token with full repo access.

When I manually re-run this action it succeeds.

[marckohlbrugge]

Relevant logs:

[…]
2022-03-02T09:03:05.3668367Z HEAD is now at d24768c Merge bb8853c3d7d046c9d03120031cc47434301d719d into 4a43b4aef76dac8e28dd268559d59bd3193bf3cc
2022-03-02T09:03:05.3685407Z ##[endgroup]
2022-03-02T09:03:05.3733109Z [command]/usr/bin/git log -1 --format='%H'
2022-03-02T09:03:05.3752864Z 'd24768cd7ee1f955e12cf37d10b9b63a4d9d34fa'
2022-03-02T09:03:05.3940737Z ##[group]Run ahmadnassri/action-dependabot-auto-merge@v2
2022-03-02T09:03:05.3941039Z with:
2022-03-02T09:03:05.3941352Z   target: minor
2022-03-02T09:03:05.3941624Z   config: .github/auto-merge.yml
2022-03-02T09:03:05.3941908Z   command: merge
2022-03-02T09:03:05.3942183Z   botName: dependabot
2022-03-02T09:03:05.3942407Z   approve: true
2022-03-02T09:03:05.3942700Z ##[endgroup]
2022-03-02T09:03:05.4131940Z ##[command]/usr/bin/docker run --name ghcrioahmadnassriactiondependabotautomergev2_9df7f1 --label 7db2d7 --workdir /github/workspace --rm -e INPUT_TARGET -e INPUT_GITHUB-TOKEN -e INPUT_CONFIG -e INPUT_COMMAND -e INPUT_BOTNAME -e INPUT_APPROVE -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_RUN_ATTEMPT -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_REF_NAME -e GITHUB_REF_PROTECTED -e GITHUB_REF_TYPE -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_ARCH -e RUNNER_NAME -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/betalist/betalist":"/github/workspace" ghcr.io/ahmadnassri/action-dependabot-auto-merge:v2
2022-03-02T09:03:05.9957327Z /action/node_modules/@actions/core/lib/core.js:94
2022-03-02T09:03:05.9957844Z         throw new Error(`Input required and not supplied: ${name}`);
2022-03-02T09:03:05.9958311Z               ^
2022-03-02T09:03:05.9958419Z 
2022-03-02T09:03:05.9958907Z Error: Input required and not supplied: github-token
2022-03-02T09:03:05.9959321Z     at Object.getInput (/action/node_modules/@actions/core/lib/core.js:94:15)
2022-03-02T09:03:05.9959660Z     at file:///action/index.js:28:15
2022-03-02T09:03:05.9959999Z     at ModuleJob.run (node:internal/modules/esm/module_job:185:25)
2022-03-02T09:03:05.9960381Z     at async Promise.all (index 0)
2022-03-02T09:03:05.9960697Z     at async ESMLoader.import (node:internal/modules/esm/loader:281:24)
2022-03-02T09:03:05.9961098Z     at async loadESM (node:internal/process/esm_loader:88:5)
2022-03-02T09:03:05.9961444Z     at async handleMainPromise (node:internal/modules/run_main:65:12)
2022-03-02T09:03:06.1263061Z Post job cleanup.
2022-03-02T09:03:06.2404935Z [command]/usr/bin/git version
2022-03-02T09:03:06.2449464Z git version 2.35.1
2022-03-02T09:03:06.2481063Z [command]/usr/bin/git config --local --name-only --get-regexp core\.sshCommand
2022-03-02T09:03:06.2516710Z [command]/usr/bin/git submodule foreach --recursive git config --local --name-only --get-regexp 'core\.sshCommand' && git config --local --unset-all 'core.sshCommand' || :
2022-03-02T09:03:06.2753706Z [command]/usr/bin/git config --local --name-only --get-regexp http\.https\:\/\/github\.com\/\.extraheader
2022-03-02T09:03:06.2778416Z http.https://github.com/.extraheader
2022-03-02T09:03:06.2792306Z [command]/usr/bin/git config --local --unset-all http.https://github.com/.extraheader
2022-03-02T09:03:06.2824675Z [command]/usr/bin/git submodule foreach --recursive git config --local --name-only --get-regexp 'http\.https\:\/\/github\.com\/\.extraheader' && git config --local --unset-all 'http.https://github.com/.extraheader' || :
2022-03-02T09:03:06.3264673Z Cleaning up orphan processes

[mfugate1]

When I ran into this, it was because I was using a secret for the token that was not a Dependabot secret. See https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions#accessing-secrets

[marckohlbrugge]

@mfugate1 Thank you! That did indeed solve it

[fasenderos]

@mfugate1 thank you! For the sake of completeness I had to add the same secret in Secret -> Actions and Secret -> Dependabot. The first one is used in case you want to manually re-run the action in case something goes wrong, the second one is used by the auto-merge action

[TAGC]

@mfugate1 @fasenderos Thanks, this solved it for me too.

@ahmadnassri It might be worth adding this to the README to avoid a common gotcha.

[Floppy]

Fixed here too, definitely worth adding this to the README - I hadn't even realised dependabot specific secrets were a thing.