Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bugfix] Add github_token verification in resolver utils #7065

Merged
merged 2 commits into from
Mar 3, 2025
Merged

[Bugfix] Add github_token verification in resolver utils #7065

merged 2 commits into from
Mar 3, 2025

Conversation

tawago
Copy link
Contributor

@tawago tawago commented Mar 3, 2025

  • This change is worth documenting at https://docs.all-hands.dev/
  • Include this change in the Release Notes. If checked, you must provide an end-user friendly description for your change below

End-user friendly description of the problem this fixes or functionality that this introduces.
Previously, users would encounter a "Token is invalid" error when using the default GITHUB_TOKEN in GitHub Actions workflows, requiring them to set up a Personal Access Token (PAT) instead. With this fix, the resolver correctly validates GitHub Actions tokens, allowing workflows to run without additional token setup.

Give a summary of what the PR does, explaining any non-trivial design decisions.
The PR modifies the identify_token function to properly validate GitHub Actions tokens by:

  • Adding support for the Bearer authentication format used by GitHub Actions tokens
  • Using the repository endpoint instead of the user endpoint for validation, as GitHub Actions tokens have repository-scoped permissions
  • Accepting an optional repository parameter to use for validation
  • Maintaining backward compatibility with existing PAT validation logic

This approach ensures that both GitHub Actions tokens and Personal Access Tokens can be validated correctly, providing a seamless experience for users in both GitHub Actions workflows and other environments.

Link of any specific issues this addresses.
I believe the bug was introduced in #6458

malhotra5
malhotra5 approved these changes Mar 3, 2025
View reviewed changes
Copy link
Contributor

@malhotra5 malhotra5 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks a bunch for this catch!

@malhotra5
Copy link
Contributor

Hi @tawago, thanks a bunch for the contributions! I've approved the workflows here, please update the code until they are all passing so we can get this merged 🙂

@tawago
Copy link
Contributor Author

tawago commented Mar 3, 2025
edited
Loading

Let me confirm some cases on my local before merging this. I will update asap

@tawago
Copy link
Contributor Author

tawago commented Mar 3, 2025
edited
Loading

@malhotra5
Okay, tested a workflow on my forked repository: https://github.com/tawago/OpenHands/actions/runs/13623744851/job/38077431478
This PR should work as expected and all checks seems passing

@tawago tawago requested a review from malhotra5 March 3, 2025 05:44
@malhotra5 malhotra5 merged commit 6d75647 into All-Hands-AI:main Mar 3, 2025
13 checks passed
adityasoni9998 pushed a commit to adityasoni9998/OpenHands that referenced this pull request Mar 12, 2025
@tawago @adityasoni9998
[Bugfix] Add github_token verification in resolver utils (All-Hands-A…
30a66e7 
…I#7065)
@tawago tawago mentioned this pull request Mar 16, 2025
Merged
2 tasks
@tawago tawago mentioned this pull request Mar 28, 2025
Open
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@malhotra5 malhotra5 Awaiting requested review from malhotra5

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tawago @malhotra5