Github Action ubuntu-latest to Heroku auth failed

Advertisements

I’m seeing this error as of today, was working yesterday and prior to that as well.
Can’t see that anything has changed in the Heroku documentation that might cause this breaking change.

Error:

Switched to a new branch 'deploy'
remote: !   WARNING:
remote: !   Do not authenticate with username and password using git.
remote: !   Run `heroku login` to update your credentials, then retry the git command.
remote: !   See documentation for details: https://devcenter.heroku.com/articles/git#http-git-authentication
fatal: Authentication failed for 'https://git.heroku.com/snapnhd-staging.git/'

main.yml

  server-deploy:
    needs: server-check
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master
      - uses: actions/setup-ruby@v1
        with:
          ruby-version: '2.6.x'
      - name: Determine Heroku App
        id: heroku
        uses: ./.github/actions/heroku-app
      - name: Deploy
        env:
          HEROKU_API_KEY: ${{ secrets.HEROKU_API_KEY }}
          HEROKU_APP: ${{ steps.heroku.outputs.app }}
        run: |
          git remote add heroku \
            https://heroku:$HEROKU_API_KEY@git.heroku.com/$HEROKU_APP.git
          git fetch --unshallow origin
          git checkout -b deploy
          git push heroku deploy:master -f

>Solution :

As part of their response to this ongoing security investigation, Heroku forced all users to reset their passwords on or around May 4 (quoting from an email that, presumably, all customers should have received):

As part of our efforts to enhance our security and in response to an incident published on status.heroku.com, we wanted to inform you that we will begin resetting user account passwords on May 4, 2022.

This also invalidated API tokens:

NOTE: A password reset will also invalidate your API access tokens. As a result, any automations you’ve built to integrate with the Heroku Platform API that use these tokens may result in 403 forbidden errors. To avoid downtime you will need to re-enable direct authorizations by following the instructions here and update your integrations to use your newly generated token.

The linked article shows several ways to generate a new token, all of which boil down to a POST to

https://api.heroku.com/oauth/authorizations

The exact method depends partly on whether you have multi-factor authentication enabled. If you aren’t already using MFA, this would be a good time to enable it.

Generate a new token and update your GitHub Actions configuration to use it.

Leave a ReplyCancel reply