Latest v2 broke all of my private github actions

[derek-burdick]

After the release this morning, all of my github actions using checkout to pull a private action started failing.

      - uses: actions/checkout@v2
        with:
          repository: privateorg/actions
          path: .privateorg-actions
          ssh-key: ${{ secrets.GITSSHKEY }}

I would like to request that you revert the change that is now breaking hundreds of my private workflows.

[drwoods]

Same here. We had to update several repos (with many more to come) to use the token instead -

- uses: actions/checkout@v2
        with:
          repository: privateorg/actions
          path: .privateorg-actions
          token: ${{ secrets.TOKEN }}

The v2.3.0 release needs to be reverted and released as a breaking v3 release if token needs to be a required/valid parameter.

[mizumotok]

I got the same problem.
"Determining the default branch" fails using ssh-key.

Determining the default branch
  Retrieving the default branch name
  Not Found
  Waiting 12 seconds before trying again
  Retrieving the default branch name
  Not Found
  Waiting 12 seconds before trying again
  Retrieving the default branch name
  ##[error]Not Found

I guess checking the default branch before setting up auth.

https://github.com/actions/checkout/blob/v2.3.0/src/git-source-provider.ts#L22

  // Determine the default branch
  if (!settings.ref && !settings.commit) {
    core.startGroup('Determining the default branch')
    settings.ref = await githubApiHelper.getDefaultBranch(
      settings.authToken,
      settings.repositoryOwner,
      settings.repositoryName
    )
    core.endGroup()
  }
  :
  :
  :
  const authHelper = gitAuthHelper.createAuthHelper(git, settings)
  try {
    // Configure auth
    core.startGroup('Setting up auth')
    await authHelper.configureAuth()
    core.endGroup()

[phiresky]

Same here. This is breaking all of our test runs since they fetch info from a different repo than the tested one. Pretty sure this is caused by #278 @ericsciple

Using the repo token is not a valid solution in general since it doesn't work for ssh keys that are passed via secrets that are not part of the normal TOKEN.

For some reason in that PR it was decided to use the proprietary Github API instead of the standard git api to determine the default branch, which means this also shouldn't work for repos from any other provider other than github.

The standard git api for determining the default branch is fetching the HEAD ref from the remote. If the repo is already synchronized, this is just git symbolic-ref refs/remotes/origin/HEAD. Otherwise, it can be fetched by either:

• git remote show https://github.com/actions/checkout | grep 'HEAD branch' human readable, only works within a git repo
• git ls-remote --exit-code --symref https://github.com/actions/checkout HEAD works from anywhere, independent of the surrounding repository, machine readable output (i guess)

Also, instead of just failing completely when default branch cannot be determined (might be possible to configure a repo to not have one?) it should probably still fall back to master to be compatible with previous behaviour?

[viernullvier]

We've been running into the same error message as @mizumotok - the default branch selection logic still seems to have some major issues.

Our configuration:

- name: Checkout deploy repo
        uses: actions/checkout@v2
        with:
          repository: redacted/redacted.url
          path: .redacted.url
          ssh-key: ${{ secrets.QA_DEPLOY_KEY }}

For the time being, setting the ref explicitly fixed the issue for us:

- name: Checkout deploy repo
        uses: actions/checkout@v2
        with:
          repository: redacted/redacted.url
          path: .redacted.url
          ref: master
          ssh-key: ${{ secrets.QA_DEPLOY_KEY }}

I agree with @drwoods - it seems like v2.3 introduced some breaking changes, so it should have been a v3 release instead.

[ericsciple]

Sorry about the disruption.

I just pushed an update to v2 which contains the fix. Let me know if everything is working again.

[ericsciple]

@phiresky thanks for the git ls-remote suggestion!

[drwoods]

verified that v2.3.1 works for my repos that are using ssh-key w/o a token. Thanks!

[mizumotok]

Works fine for my repos. Thank you.

[faizalzakaria]

I'm hoping that the future changes shouldn't break the legacy. With multiple of repo, to update them is tedious.