-
-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow runner to access organization repositories or implement a way for remote authentication for steps #25929
Comments
No, the runner has no more permission than fetching and reporting tasks. It can access the repo because the it gets a temporary token with some limited permissions. It's in the planning to config the permissions of the temporary token, see #24635.
@sillyguodong I think you could help. |
We have supported expression in uses: https://${{ secrets.GITHUB_TOKEN }}:@my-gitea-instance/myOrg/myAction |
Is there a known approach for using the solution provided by @sillyguodong to call shared workflows? When attempting to embed the token in the URL I get the following error message: calling workflow snippet:
output:
|
@jonas-switala YAML parsers can often have issues when an unquoted string has a colon which is quite ironic considering your workflow name. I would recommend quoting the string. Also that is not a valid URL, you must use an @ to separate credentials from the host. See the definition |
Feature Description
I have a private gitea instance, I configured it to require sign-in, I want to use actions hosted on my instance, but when I do:
The runner is unable to clone the repository:
I think the runner (that is registered to "myOrg") should be able to access repositories of the same organization or we need to be able to provide auth keys for the fetching of actions.
Screenshots
No response
The text was updated successfully, but these errors were encountered: