Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to set a Dependabot secret with selected repos #6934

Closed
juanitosvq opened this issue Jan 30, 2023 · 5 comments · Fixed by #6941
Closed

Unable to set a Dependabot secret with selected repos #6934

juanitosvq opened this issue Jan 30, 2023 · 5 comments · Fixed by #6941
Assignees
@samcoe
Labels
bug Something isn't working p2 Affects more than a few users but doesn't prevent core functions platform Problems with the GitHub platform rather than the CLI client

Comments

@juanitosvq
Copy link

juanitosvq commented Jan 30, 2023
edited

Describe the bug

When trying to save a Dependabot secret with selected repos using the CLI, I get an error saying that the selected repository is not of type string. See logs below.

This is happening running the CLI locally but also inside an action:

$ gh --version
gh version 2.22.1 (2023-01-27)
https://github.com/cli/cli/releases/tag/v2.22.1

Seems similar to google/go-github#2401?

Steps to reproduce the behavior

See logs

Expected vs actual behavior

Should be able to save a Dependabot secret with selected repos.

Logs

Paste the activity from your command line. Redact if needed.

$ gh secret set MY_DEPENDABOT_SECRET --org my-org --visibility selected --repos admin --app dependabot --body "TEST"
1 error occurred:
	* failed to set secret "MY_DEPENDABOT_SECRET": HTTP 422: Invalid request. (https://api.github.com/orgs/my_org/dependabot/secrets/MY_DEPENDABOT_SECRET)

Invalid property /selected_repository_ids/0: `58XXXXXXX` is not of type `string`.
@juanitosvq juanitosvq added the bug Something isn't working label Jan 30, 2023
@cliAutomation cliAutomation added the needs-triage needs to be reviewed label Jan 30, 2023
@juanitosvq
Copy link
Author

For completion, when I run the same command on actions secrets, it is successful:

$ gh secret set MY_ACTIONS_SECRET --org my-org --visibility selected --repos admin --app actions --body "TEST"
✓ Set Actions secret MY_ACTIONS_SECRET for my-org

@samcoe samcoe mentioned this issue Jan 30, 2023
Merged
@samcoe samcoe added p3 Affects a small number of users or is largely cosmetic p2 Affects more than a few users but doesn't prevent core functions platform Problems with the GitHub platform rather than the CLI client and removed needs-triage needs to be reviewed p3 Affects a small number of users or is largely cosmetic labels Jan 30, 2023
@samcoe
Copy link
Contributor

samcoe commented Jan 30, 2023

@juanitosvq Thanks for writing in with the bug. I was able to confirm that this is the same issue as google/go-github#2401 where we are sending integers for repository ids instead of strings. This is a weird inconsistency in the Dependabot API as all other secret endpoints request integers. I am checking internally if this is something that is being addressed or if we should create a workaround here in gh.

@samcoe samcoe added the blocked label Jan 30, 2023
@mislav
Copy link
Contributor

mislav commented Jan 31, 2023

@joshmgross do you have insight here re: #6923?

@joshmgross
Copy link
Contributor

@mislav we should use the same workaround for Dependabot org secrets that #6923 had for Codespaces user secrets.

It'd be worth tracking this internally and fixing, but this API is available on GHES as well - https://docs.github.com/en/enterprise-server@3.7/rest/dependabot/secrets

@samcoe samcoe self-assigned this Jan 31, 2023
@samcoe samcoe removed the blocked label Jan 31, 2023
@samcoe
Copy link
Contributor

samcoe commented Jan 31, 2023

Great, sounds like we have a path forward with creating a workaround. I will assign myself and open a PR to fix this.

@samcoe samcoe mentioned this issue Feb 1, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@samcoe samcoe

Labels
bug Something isn't working p2 Affects more than a few users but doesn't prevent core functions platform Problems with the GitHub platform rather than the CLI client
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Special case setting dependabot org secrets cli/cli
5 participants
@mislav @samcoe @joshmgross @juanitosvq @cliAutomation