Action permission issues

Hi all,
I’m fighting this issue for a week now (new to gitea).
We have an in-house gitea instance running for a manage project git repository. Everything works as expected, after getting all the Windows users familiar with ssh keys. We have all repositories set as private, as we don’t want the whole company having access to the code as we develop it.

We have one repository that is common code elements for our UI, which is used across multiple internal projects. We want a push to run the action : checkout the repository, then pull the common UI into another path, then build. The first part works, as it should, but no matter what I do, I can NOT get to the second repository, usually as a “permission denied”. I can do all this from the command line, so I’m missing something important.

I can’t seem to figure out if I need tokens (can’t seem to get them to make a difference), ssh-key (no difference), deploy key (not sure how they really work), or something else.

(Edit) Trying to use a PAT gives me the dreaded “::error::Input required and not supplied: token” . Seems like no one get’s past that.

Help? There are no real examples I can find, so here I am.

It might help to see the actions/checkout step in your pipeline config.
Just to clarify you have tried the action’s options ssh-key and token?

Yes, I get user permission denied with ssh-key and input required and not supplied with the token

- main
- /data/files:/data/files:rw
runs-on: ubuntu-22.04

- name: Checkout repository
uses: actions/checkout@v4
- name: Checkout bla-ui repository
uses: actions/checkout@v4
repository: bla/bla-ui
token: ${{ secrets.TPSRO }}
#ssh-key: ${{ secrets.DEPLOY_PRIVATE }}
path: src/bla-ui
ref: main

A few things to check:

user permission denied - This usually means the SSH key you are trying to use does not have permission to access the other repository. Make sure the private key is configured correctly on the Gitea deployment keys/access for the target repository.

input required and not supplied with the token - For a private repository, you need to provide both an SSH key and personal access token. The token alone is not enough.


Make sure the SSH private key secret is configured correctly in your workflow

Double check the key matches what is configured as a deployment key for the target repository

Try adding both the SSH key secret and a personal access token secret:

  repository: bla/bla-ui
  ssh-key: ${{ secrets.DEPLOY_PRIVATE_KEY }} 
  token: ${{ secrets.GITEA_TOKEN }}

Make sure the target repository has enabled deploy keys or the personal access token has sufficient permissions

Try cloning the repo directly with git instead of using actions/checkout to narrow down where the issue is.

You likely need to configure both the SSH key and a token, and ensure the key has permissions on the target repo