github-starred/gitea
2
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-03-22 06:24:14 -05:00
Code Issues 2.6k Packages Projects Releases 100 Wiki Activity

Action step with git authentication fails inside workflow_call when needs is set #13417

New Issue
Open
opened 2025-11-02 10:41:45 -06:00 by GiteaMirror · 3 comments
GiteaMirror commented 2025-11-02 10:41:45 -06:00
Owner
Copy Link

Originally created by @javiertury on GitHub (Aug 22, 2024).

Description

Doing a git checkout (actions/checkout@v4) inside a workflow_call that needs another job raises an authentication error.

It can be reproduced using the following nested workflow.

Workflow to reproduce the error 
# .gitea/workflows/main.yaml
name: test
run-name: test

on:
  workflow_dispatch:
  push:
    branches:
      - main


jobs:
  foo:
    runs-on: ubuntu-latest
    steps:
      -
        name: Foo
        run: |
          echo 'foo: ${{ inputs.foo }}'

  # Works fine, even if it has a dependency
  outer_needy_checkout:
    runs-on: ubuntu-latest
    needs: [foo]
    steps:
      -
        name: Outer needy checkout
        uses: https://github.com/actions/checkout@v4

  nested_checkout:
    runs-on: ubuntu-latest
    uses: ./.gitea/workflows/nested-checkout.yaml
    with:
      foo: bar
    secrets: inherit

  nested_needy_checkout:
    runs-on: ubuntu-latest
    uses: ./.gitea/workflows/nested-checkout.yaml
    needs: [foo]
    with:
      foo: bar
    secrets: inherit

# .git/workflows/nested-checkout.yaml

name: nested git checkout
run-name: nested git checkout
on:
  workflow_call:
    inputs:
      foo:
        type: string
        required: false

jobs:
  foo:
    runs-on: ubuntu-latest
    steps:
      -
        name: Foo
        run: |
          echo 'foo: ${{ inputs.foo }}'
      # This checkout works fine too, even though we are in a workflow_call
      -
        name: Nested checkout
        uses: https://github.com/actions/checkout@v4

  # fatal: could not read Username for '<repo>': terminal prompts disabled
  inner_needy_checkout:
    runs-on: ubuntu-latest
    needs: [foo]
    steps:
      -
        name: Nested needy checkout
        uses: https://github.com/actions/checkout@v4

The step Nested needy checkout fails with

fatal: could not read Username for '<repo>': terminal prompts disabled

Bear in mind that due to bugs https://github.com/go-gitea/gitea/issues/26736 and https://github.com/go-gitea/gitea/issues/26187, the UI marks the job as a sucess, but reading the logs in details reveals the error.

Gitea Version

1.22.1

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

image

Git Version

No response

Operating System

No response

How are you running Gitea?

I'm using the official gitea helm chart on k3s

Database

SQLite

Originally created by @javiertury on GitHub (Aug 22, 2024). ### Description Doing a git checkout (`actions/checkout@v4`) inside a `workflow_call` that `needs` another job raises an authentication error. It can be reproduced using the following nested workflow. <details> <summary>Workflow to reproduce the error</summary> ```yaml # .gitea/workflows/main.yaml name: test run-name: test on: workflow_dispatch: push: branches: - main jobs: foo: runs-on: ubuntu-latest steps: - name: Foo run: | echo 'foo: ${{ inputs.foo }}' # Works fine, even if it has a dependency outer_needy_checkout: runs-on: ubuntu-latest needs: [foo] steps: - name: Outer needy checkout uses: https://github.com/actions/checkout@v4 nested_checkout: runs-on: ubuntu-latest uses: ./.gitea/workflows/nested-checkout.yaml with: foo: bar secrets: inherit nested_needy_checkout: runs-on: ubuntu-latest uses: ./.gitea/workflows/nested-checkout.yaml needs: [foo] with: foo: bar secrets: inherit ``` ```yaml # .git/workflows/nested-checkout.yaml name: nested git checkout run-name: nested git checkout on: workflow_call: inputs: foo: type: string required: false jobs: foo: runs-on: ubuntu-latest steps: - name: Foo run: | echo 'foo: ${{ inputs.foo }}' # This checkout works fine too, even though we are in a workflow_call - name: Nested checkout uses: https://github.com/actions/checkout@v4 # fatal: could not read Username for '<repo>': terminal prompts disabled inner_needy_checkout: runs-on: ubuntu-latest needs: [foo] steps: - name: Nested needy checkout uses: https://github.com/actions/checkout@v4 ``` </details> The step `Nested needy checkout` fails with ``` fatal: could not read Username for '<repo>': terminal prompts disabled ``` Bear in mind that due to bugs https://github.com/go-gitea/gitea/issues/26736 and https://github.com/go-gitea/gitea/issues/26187, the UI marks the job as a sucess, but reading the logs in details reveals the error. ### Gitea Version 1.22.1 ### Can you reproduce the bug on the Gitea demo site? No ### Log Gist _No response_ ### Screenshots ![image](https://github.com/user-attachments/assets/cad8b4c8-5a9a-4de8-a716-eae025a74a28) ### Git Version _No response_ ### Operating System _No response_ ### How are you running Gitea? I'm using the official gitea helm chart on k3s ### Database SQLite
GiteaMirror added the topic/gitea-actionstype/bug labels 2025-11-02 10:41:45 -06:00
GiteaMirror commented 2025-11-02 10:41:46 -06:00
Author
Owner
Copy Link

@Zettat123 commented on GitHub (Sep 11, 2024):

This bug is not related to needs. Actually, this bug can be reproduced without needs, but not stably. The reason should be that Gitea does not correctly handle reusable workflows with multiple jobs.

@Zettat123 commented on GitHub (Sep 11, 2024): This bug is not related to `needs`. Actually, this bug can be reproduced without `needs`, but not stably. The reason should be that Gitea does not correctly handle reusable workflows with multiple jobs.
GiteaMirror commented 2025-11-02 10:41:46 -06:00
Author
Owner
Copy Link

@lunny commented on GitHub (Sep 24, 2024):

This should be fixed by https://gitea.com/gitea/act/pulls/116

@lunny commented on GitHub (Sep 24, 2024): This should be fixed by https://gitea.com/gitea/act/pulls/116
GiteaMirror commented 2025-11-02 10:41:46 -06:00
Author
Owner
Copy Link

@WereCatf commented on GitHub (Nov 15, 2024):

This should be fixed by https://gitea.com/gitea/act/pulls/116

Um, no, it's not. I just ran into this issue myself and authentication still fails with the "could not read Username for" message. Given that the issue is not fixed, I don't understand why this was closed.

@WereCatf commented on GitHub (Nov 15, 2024): > This should be fixed by https://gitea.com/gitea/act/pulls/116 Um, no, it's not. I just ran into this issue myself and authentication still fails with the "could not read Username for" message. Given that the issue is not fixed, I don't understand why this was closed.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
$20
$250
$50
$500
backport/done
💎 Bounty
docs-update-needed
good first issue
hacktoberfest
issue/bounty
issue/confirmed
issue/critical
issue/duplicate
issue/needs-feedback
issue/not-a-bug
issue/regression
issue/stale
issue/workaround
lgtm/need 2
modifies/api
modifies/translation
outdated/backport/v1.18
outdated/theme/markdown
outdated/theme/timetracker
performance/bigrepo
performance/cpu
performance/memory
performance/speed
pr/breaking
proposal/accepted
proposal/rejected
pr/wip
pull-request
Mirrored from GitHub Pull Request
 reviewed/wontfix
💰 Rewarded
skip-changelog
status/blocked
topic/accessibility
topic/api
topic/authentication
topic/build
topic/code-linting
topic/commit-signing
topic/content-rendering
topic/deployment
topic/distribution
topic/federation
topic/gitea-actions
topic/issues
topic/lfs
topic/mobile
topic/moderation
topic/packages
topic/pr
topic/projects
topic/repo
topic/repo-migration
topic/security
topic/theme
topic/ui
topic/ui-interaction
topic/ux
topic/webhooks
topic/wiki
type/bug
type/deprecation
type/docs
type/enhancement
type/feature
type/miscellaneous
type/proposal
type/question
type/refactoring
type/summary
type/testing
type/upstream
No Label topic/gitea-actions type/bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/gitea#13417
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?