FG
☁️ Cloud & DevOpsMicrosoft

Configuration tries to use the registration endpoint even when passed `--token <token>`

Freshabout 21 hours ago
Mar 14, 20260 views
Confidence Score95%
95%

Problem

Describe the bug When running the configuration of the runner unattended, some means of authenticating is required. The documentation at https://docs.github.com/en/rest/actions/self-hosted-runners#create-a-registration-token-for-an-organization claims that a token from that endpoint can be used with the `--token <token>` option. Instead, the runner attempts to obtain a new one with a PAT that may or may not be passed to it (See ConfigurationManager.cs#L111) In the case that it isn't, the configuration fails with a 404. To Reproduce Steps to reproduce the behavior: 1. Obtain a registration token from `https://api.github.com/orgs/ORG/actions/runners/registration-token`, where `ORG` is a valid organization. Call this registration token `TOKEN`. 2. Run `./config --unattended --url https://github.com/ORG --token TOKEN` 3. An error is printed out and the runner exits Expected behavior What is described to be possible in https://docs.github.com/en/rest/actions/self-hosted-runners#create-a-registration-token-for-an-organization Runner Version and Platform Version 2.291.1, Commit 496ec0df97891bd8e50f4431d01874ac3ab75a93 OS of the machine running the runner? OSX/Windows/Linux/... Linux, Ubuntu 20.04.4 LTS What's not working? [code block] Job Log Output N/A Runner and Worker's Diagnostic Logs N/A

Error Output

error is printed out and the runner exits

Unverified for your environment

Select your OS to check compatibility.

1 Fix

Canonical Fix
Unverified Fix
New Fix – Awaiting Verification

Fix Runner Configuration to Use Provided Token

Medium Risk

The runner's configuration logic incorrectly attempts to fetch a new registration token even when a valid token is provided via the `--token` option. This occurs due to a failure in the conditional checks within the ConfigurationManager.cs file, specifically at line 111, where it does not properly validate the presence of the provided token before attempting to make an API call for a new one.

Awaiting Verification

Be the first to verify this fix

  1. 1

    Update ConfigurationManager.cs Logic

    Modify the logic in ConfigurationManager.cs to check if the `--token` option is provided and valid before attempting to fetch a new registration token. This ensures that the runner uses the provided token directly.

    csharp
    if (string.IsNullOrEmpty(token)) { // Fetch new token logic } else { // Use provided token }
  2. 2

    Test the Updated Configuration

    After making the code changes, compile the runner and run the configuration command with the `--token` option to ensure it no longer attempts to fetch a new token.

    bash
    ./config --unattended --url https://github.com/ORG --token TOKEN
  3. 3

    Verify Successful Runner Registration

    Check the output of the configuration command to confirm that the runner registers successfully without errors. Ensure that the exit status is zero, indicating success.

    bash
    echo $? # Should return 0 for success
  4. 4

    Update Documentation

    Once the fix is confirmed, update any relevant documentation to reflect the correct usage of the `--token` option and clarify that it should bypass the need for fetching a new token.

    none
    N/A

Validation

Confirm that the runner configuration completes successfully without attempting to fetch a new token when a valid token is provided. Check for a successful exit status and no error messages in the output.

Sign in to verify this fix

Environment

Submitted by

AC

Alex Chen

2450 rep

Tags

github-actionsci-cdrunnerbug