-
Notifications
You must be signed in to change notification settings - Fork 98
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug: Error "fetch failed" when fetching v3.1.1 #609
Comments
@lindeberg thanks for the report, we recently updated our HTTP libraries and I was expecting something like this to show up! Can you share the YAML file you're using for the Action (please obscure any private info) so we can reproduce? |
|
Why release something where there is an expected issue? |
@lindeberg Thanks for providing additional details for the reproduction. I apologize for using such loose language in my previous comment. Rephrased: I am not surprised to see this error given the number of packages upgraded. I will provide an update once I can debug this issue. |
@lindeberg I have not been able to reproduce this issue on github.com. I used the https://github.com/future-funk/glowing-computing-machine/ repo with two pull requests:
Are you able to reproduce? The only difference is the self-hosted runners part. A few questions:
|
Not sure if related, but since the new version we have been having the following problem on Runner version: Pinning to the previous version solves the problem: @febuiles happy to log this on a different issue |
It is executed on GitHub Enterprise with Advanced security enabled. permissions: jobs: Added bold lines hoping to get some additional info. |
We are using self hosted runners on organization level in Enterprise Cloud. |
I have not been able to reproduce this in GitHub Enterprise Cloud with a self-hosted runner, log here: https://github.com/future-funk/glowing-computing-machine/actions/runs/6784453748/job/18440780341. Relevant lines:
A reproduction repro, or a scrubbed log of a run would be appreciated to get an idea of where we're failing. I'll commission a GitHub Enterprise Server to test self-hosted runners there. |
Not sure what logs you mean. Logs with debug on:
Could you elaborate on how we can help? Note that we are running behind proxy server. That sounds like a potential culprit as you mentioned http libraries. |
I was not able to reproduce this in GHES 3.10 either, so I guess proxies are the ones getting disrupted by this, thanks for bringing that up @lindeberg. To get the full logs for a run you can click the cogwheel item in the failed run and then "View raw logs": It'd be useful to get the full output (with private data scrubbed) to see at which step of the run things are failing. |
I've pushed a temporary tag to see if we can fix this issue by downgrading a couple of libraries. Can you test with this custom version and see if the error still appears?
|
@febuiles I just tried the tag you posted and I am getting the same error I posted before while getting credentials. Some additional info:
Runner set up:
|
Same error with version "downgrade-actions-github". Full log:
|
I have a new branch for testing the fix1, I would appreciate testing from folks whose setup is working in
If you see failures prior in, or prior to 3.1.0 please open a new issue! Footnotes
|
@lindeberg thanks for sharing the output of your run. We posted almost at the same time, but I hope the new branch mentioned in the last comment fixes the. Your patience is much appreciated, I will make sure that HTTPS-proxy testing is done for future releases. |
@febuiles version "fix-https-proxy" works! 👍 |
Thanks for the confirmation that it's working 🙇 I cut a new releases, 3.1.2, to address the bug. I added a bit more context to the original PR. With this I'm closing this issue. If you are still running into problems with 3.1.2 please re-open this issue or create a new one. |
Hello, I also can confirm it is working now - sorry for the timeout! |
Hi @febuiles! We are having this issue again (some(most)time). Now using v4.3.4. On self hosted runners with least privelege external network access. So we figured these domains should be allowed by the proxy:
Anything else that needs to be allowed? 2024-08-15T11:29:36.3809270Z Dependency review did not detect any denied packages
2024-08-15T11:29:36.3810601Z ##[debug]Getting deps.dev data for github.com/beorn7/perks 1.0.1
2024-08-15T11:29:46.3821020Z ##[error]fetch failed |
@lindeberg I'm not up to date with the latest changes, but it makes sense that now that the action reaches out to external providers some additional configuration is needed. I think @jonjanego can provide further guidance with this, good luck! |
Hi @lindeberg these are probably from the OpenSSF scorecards option being enabled. URLs that option uses are defined here: dependency-review-action/src/scorecard.ts Line 52 in 90820ab
dependency-review-action/src/scorecard.ts Line 71 in 90820ab
If you're still encountering trouble after allowlisting those could you please open up a new issue with similar troubleshooting logs as you provided above? |
We are getting error "fetch failed" when targeting the brand new patch v3.1.1:
Targeting v3.1.0 works fine.
The text was updated successfully, but these errors were encountered: