bug: same access token for different GitHub instances

[fschoenm]

Summary

Maybe I don't understand how that's supposed to work but it seems to me you try to use the same access token for querying the latest runner version and installing the runner. When installing a runner for a GHES, this doesn't work though because the access tokens are going to be different.

ansible-github_actions_runner/tasks/collect_info.yml

Lines 20 to 32 in 0b0233d

	- name: Get registration token (RUN ONCE)
	ansible.builtin.uri:
	url: "{{ github_full_api_url }}/registration-token"
	headers:
	Authorization: "token {{ access_token }}"
	Accept: "application/vnd.github.v3+json"
	method: POST
	status_code: 201
	force_basic_auth: true
	register: registration
	delegate_to: localhost
	become: false
	run_once: true

ansible-github_actions_runner/tasks/collect_info.yml

Lines 63 to 78 in 0b0233d

	- name: Find the latest runner version (RUN ONCE)
	ansible.builtin.uri:
	url: "https://api.github.com/repos/{{ runner_download_repository }}/releases/latest"
	headers:
	Authorization: "token {{ access_token }}"
	Content-Type: "application/json"
	method: GET
	return_content: true
	status_code: 200
	body_format: json
	check_mode: false
	register: api_response
	run_once: true
	become: false
	delegate_to: localhost
	when: runner_version == "latest"

Issue Type

Bug Report

Ansible Version

ansible [core 2.16.7]
  config file = /home/fschoenm/devel/ansible/ansible.cfg
  configured module search path = ['/home/fschoenm/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/fschoenm/.local/pipx/venvs/ansible/lib/python3.12/site-packages/ansible
  ansible collection location = /home/fschoenm/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/fschoenm/.local/bin/ansible
  python version = 3.12.7 (main, Nov  6 2024, 18:29:01) [GCC 14.2.0] (/home/fschoenm/.local/pipx/venvs/ansible/bin/python)
  jinja version = 3.1.4
  libyaml = True

Steps to Reproduce

n/a

Expected Results

Provide a way to specify different access tokens for the GHES and github.com.

Actual Results

TASK [monolithprojects.github_actions_runner : Find the latest runner version (RUN ONCE)] *******************************************************************************************************************************************
fatal: [build-1.internal.com -> localhost]: FAILED! => {"access_control_allow_origin": "*", "access_control_expose_headers": "ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset", "changed": false, "connection": "close", "content": "{\"message\":\"Bad credentials\",\"documentation_url\":\"https://docs.github.com/rest\",\"status\":\"401\"}", "content_length": "95", "content_security_policy": "default-src 'none'", "content_type": "application/json; charset=utf-8", "date": "Fri, 13 Dec 2024 11:58:59 GMT", "elapsed": 0, "json": {"documentation_url": "https://docs.github.com/rest", "message": "Bad credentials", "status": "401"}, "msg": "Status code was 401 and not [200]: HTTP Error 401: Unauthorized", "redirected": false, "referrer_policy": "origin-when-cross-origin, strict-origin-when-cross-origin", "server": "github.com", "status": 401, "strict_transport_security": "max-age=31536000; includeSubdomains; preload", "url": "https://api.github.com/repos/actions/runner/releases/latest", "vary": "Accept-Encoding, Accept, X-Requested-With", "x_content_type_options": "nosniff", "x_frame_options": "deny", "x_github_media_type": "github.v3; format=json", "x_github_request_id": "4095:112ACC:248BB4E:25F3F0F:675C2183", "x_ratelimit_limit": "60", "x_ratelimit_remaining": "59", "x_ratelimit_reset": "1734094739", "x_ratelimit_resource": "core", "x_ratelimit_used": "1", "x_xss_protection": "0"}