Unable to fetch secrets via github actions

rakeshm
rakeshm
Community Member
edited December 2022 in Secrets Automation

Hey,

I am having trouble accessing secrets via GitHub actions in pipelines, It was working fine till last week but from today all our pipelines are broken with the following error, Any support would be super helpful. Oon a side note, I was able to access secrets via curl to the OP_CONNECT_HOST endpoint

log from github actions:
Run 1password/load-secrets-action@v1
/usr/bin/sh -c /home/runner/work/_actions/1password/load-secrets-action/v1/entrypoint.sh
Authenticated with CONNECT
Archive: op.zip
extracting: /usr/local/bin/op.sig
inflating: /usr/local/bin/op
Populating variable: XXX
Error: 2022/12/19 14:11:34 could not read secret op://XXX/XXX/password: could not retrieve vaults: Get "XXX/v1/vaults": unsupported protocol scheme ""
Error: The process '/usr/bin/sh' failed with exit code 1

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

Comments

  • Jack.P_1P
    Jack.P_1P

    Hi @rakeshm:

    Thanks for reaching out about this! Would you mind confirming what protocol in your OP_CONNECT_HOST environment variable? In other words, is it http://op.example.com or httpS://op.example.com.

    Jack

  • rakeshm
    rakeshm
    Community Member

    Hey Jack,

    Until last week all our pipelines don't have a protocol in OP_CONNECT_HOST but after several trial and error methods a few hours ago after adding "HTTP://" to the start of the URL it started working.

    However, I am curious as it was working without mentioning protocol in OP_CONNECT_HOST was working till last Friday, and not sure why it stopped working from this week Monday onwards

    Rakesh

  • Jack.P_1P
    Jack.P_1P

    @rakeshm:

    We recently released an upgrade to the GitHub action that changed how the action connects to your Connect server, and this change resulted in OP_CONNECT_HOST requiring the protocol. Thanks for letting us know that this affected your workflow.

    Jack

  • rakeshm
    rakeshm
    Community Member

    Hello Jack,

    Thank you very much. I went through the solution Eduard Filip provided on GitHub. I am satisfied with the solution however I would like to raise a concern and hope you suggest a solution that works for both of us

    We recently decided to use 1password to use in our CICD pipelines fully after going through several other secret management solutions. We were super happy about our decision so far till we hit this problem. The main reason for this is resolution took around 3 days irrespective of whether I raised this as a GitHub Issue, 1Password community, or via support email. This concerns us specifically with the time frame because if our software deployment pipelines are blocked then we can't release new features not bug fixes in a timely manner supporting our customers which is very important to us.

    I was wondering if you could help us offer a solution something like ex:
    * Premium support through which we can reach you quicker
    * or European support email so we can get faster replies in our working timezone (Assuming support is in the USA timezone based on
    the emails)
    * Alternative implementation approach for using 1password as secret management in CICD pipelines.

    Have a good day.

    Best regards
    Rakesh Mothukuri

This discussion has been closed.