Home > Software engineering >  secrets.GITHUB_TOKEN could be expired in github action?
secrets.GITHUB_TOKEN could be expired in github action?

Time:09-09

I have a private image/repo used in my dependencies. Today, I pushed 3 times into my repo, first two times my action-ci showed install private dependencies success, but the last time is failed, the error is about access denied. I did not change anything from the setting or the code, I don't know why it gave me this error. I check the registry setting, I am 100% sure I gave the repo with full permission to install that private image/repo. I think secrets.GITHUB_TOKEN could be expired? or what setting is wrong.

Thanks for any help.

run: login
 username: ${{ GitHub.actor }}
 password: ${{ secrets.GITHUB_TOKEN }}
 registry: ghrc.io
run: npm ci
 env: ${{ secrets.GITHUB_TOKEN }}

CodePudding user response:

As mentioned in "The GITHUB_TOKEN in GitHub Actions: How it Works" (from Davide 'CoderDave' Benvegnù), GitHub automatically creates a GITHUB_TOKEN secret for you to use in your workflow, and you can use it to authenticate in a workflow run.

That means it should not "expire" during the execution of the very workflow it was created for authentication.
As noted by CodeCaster in the comments, if your individual action takes more than 24 hours to complete... the token would actually expire.

Before each job begins, GitHub fetches an installation access token for the job.
The GITHUB_TOKEN expires when a job finishes or after a maximum of 24 hours.

Check first if the issue persists later on today.

There was a significant outage yesterday which did impacted GitHub Action execution.

  • Related