Github 操作 ubuntu-最新的 Heroku 身份验证失败
Github Action ubuntu-latest to Heroku auth failed
我今天看到这个错误,昨天和之前都在工作。
在 Heroku 文档中看不到任何可能导致此重大更改的更改。
错误:
Switched to a new branch 'deploy'
remote: ! WARNING:
remote: ! Do not authenticate with username and password using git.
remote: ! Run `heroku login` to update your credentials, then retry the git command.
remote: ! See documentation for details: https://devcenter.heroku.com/articles/git#http-git-authentication
fatal: Authentication failed for 'https://git.heroku.com/snapnhd-staging.git/'
main.yml
server-deploy:
needs: server-check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- uses: actions/setup-ruby@v1
with:
ruby-version: '2.6.x'
- name: Determine Heroku App
id: heroku
uses: ./.github/actions/heroku-app
- name: Deploy
env:
HEROKU_API_KEY: ${{ secrets.HEROKU_API_KEY }}
HEROKU_APP: ${{ steps.heroku.outputs.app }}
run: |
git remote add heroku \
https://heroku:$HEROKU_API_KEY@git.heroku.com/$HEROKU_APP.git
git fetch --unshallow origin
git checkout -b deploy
git push heroku deploy:master -f
作为对 this ongoing security investigation 的回应的一部分,Heroku 强制所有用户在 5 月 4 日或前后重设密码(引用一封电子邮件,大概所有客户都应该收到):
As part of our efforts to enhance our security and in response to an incident published on status.heroku.com, we wanted to inform you that we will begin resetting user account passwords on May 4, 2022.
这也使 API 个令牌无效:
NOTE: A password reset will also invalidate your API access tokens. As a result, any automations you’ve built to integrate with the Heroku Platform API that use these tokens may result in 403 forbidden errors. To avoid downtime you will need to re-enable direct authorizations by following the instructions here and update your integrations to use your newly generated token.
链接的文章显示了几种生成新令牌的方法,所有这些都归结为 POST 到
https://api.heroku.com/oauth/authorizations
具体方法部分取决于您是否启用了 multi-factor authentication。如果您还没有使用 MFA,现在是启用它的好时机。
生成一个新令牌并更新您的 GitHub 操作配置以使用它。
我今天看到这个错误,昨天和之前都在工作。 在 Heroku 文档中看不到任何可能导致此重大更改的更改。
错误:
Switched to a new branch 'deploy'
remote: ! WARNING:
remote: ! Do not authenticate with username and password using git.
remote: ! Run `heroku login` to update your credentials, then retry the git command.
remote: ! See documentation for details: https://devcenter.heroku.com/articles/git#http-git-authentication
fatal: Authentication failed for 'https://git.heroku.com/snapnhd-staging.git/'
main.yml
server-deploy:
needs: server-check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- uses: actions/setup-ruby@v1
with:
ruby-version: '2.6.x'
- name: Determine Heroku App
id: heroku
uses: ./.github/actions/heroku-app
- name: Deploy
env:
HEROKU_API_KEY: ${{ secrets.HEROKU_API_KEY }}
HEROKU_APP: ${{ steps.heroku.outputs.app }}
run: |
git remote add heroku \
https://heroku:$HEROKU_API_KEY@git.heroku.com/$HEROKU_APP.git
git fetch --unshallow origin
git checkout -b deploy
git push heroku deploy:master -f
作为对 this ongoing security investigation 的回应的一部分,Heroku 强制所有用户在 5 月 4 日或前后重设密码(引用一封电子邮件,大概所有客户都应该收到):
As part of our efforts to enhance our security and in response to an incident published on status.heroku.com, we wanted to inform you that we will begin resetting user account passwords on May 4, 2022.
这也使 API 个令牌无效:
NOTE: A password reset will also invalidate your API access tokens. As a result, any automations you’ve built to integrate with the Heroku Platform API that use these tokens may result in 403 forbidden errors. To avoid downtime you will need to re-enable direct authorizations by following the instructions here and update your integrations to use your newly generated token.
链接的文章显示了几种生成新令牌的方法,所有这些都归结为 POST 到
https://api.heroku.com/oauth/authorizations
具体方法部分取决于您是否启用了 multi-factor authentication。如果您还没有使用 MFA,现在是启用它的好时机。
生成一个新令牌并更新您的 GitHub 操作配置以使用它。