Missing download info for actions/checkout@v4

[BieLuk]

Hi, my GHA pipeline started to fail on step that uses tenhaus/get-release-or-tag@v2 action.

The same error happens on checkout@v4, checkout@v3 and checkout@v4.2.2.

GHA job that fails when I try to use this action:

  build-docker-acr-new:
    runs-on: [ self-hosted, linux, cicdframework ]
    needs: [unit-tests]
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Login to ACR
        uses: docker/login-action@v3
        with:
          registry: ${{ vars.ACR_REGISTRY_NEW }}
          username: ${{ secrets.ACR_USERNAME_NEW }}
          password: ${{ secrets.ACR_TOKEN_NEW }}
      - name: Get TAG or SHA
        uses: procter-gamble/get-release-or-tag-github-actions@v2
        id: tag
      - name: Build and push
        id: docker_build
        uses: docker/build-push-action@v6
        with:
          context: ./
          file: ./Dockerfile
          push: true
          tags: ${{ vars.ACR_REGISTRY_NEW }}/spyglass-kpimanager-api:${{ steps.tag.outputs.tag }}
      - name: Image Hash
        run: echo ${{ steps.tag.outputs.tag }}

[dwebsterhbc]

We're also suddenly seeing this with actions/checkout@v4 (and other tags) - we even see this with our own reusable actions in our enterprise orgs. I notice you're using self-hosted - as are we - but I can confirm this issue is also present with github's own ubuntu-latest.

[athieme]

My config is similar, but seeing the same issues:

Current runner version: '2.324.0'
Runner Image Provisioner
Operating System
Runner Image
GITHUB_TOKEN Permissions
Secret source: Actions
Prepare workflow directory
Prepare all required actions
Getting action download info
Error: Missing download info for actions/checkout@v4.6.[2](https://github.com/athieme/wmsx-api/actions/runs/15337176405/job/43156521575#step:1:2)

and my config is this:

name: CI + Test Report + Coverage

on:
  push:
    branches: [ main ]
  pull_request:

jobs:
  test:
    runs-on: ubuntu-latest

    strategy:
      matrix:
        node-version: [ 18.x ]

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4.6.2

      - name: Set up Node.js
        uses: actions/setup-node@v3.9.1
        with:
          node-version: ${{ matrix.node-version }}

      - name: Install dependencies
        run: npm ci

      - name: Run tests with coverage
        run: |
          mkdir -p test-results
          npm run test:ci || true  # Continue even if tests fail so reports can still be published

      - name: Upload test results
        uses: actions/upload-artifact@v4.6.2
        with:
          name: mocha-test-results
          path: test-results

      - name: Publish test results to GitHub PR
        uses: dorny/test-reporter@v2.1.0
        if: always()
        with:
          name: Mocha Tests
          path: test-results/junit.xml
          reporter: jest-junit
          fail-on-error: true

      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v4.6.0
        with:
          token: ${{ secrets.CODECOV_TOKEN }}

[athieme]

Here's my config that got things working. Maybe it wasnt a bug at all or maybe it was just using tagged (and not release versions, I am not sure):

name: CI + Test Report + Coverage

env:
  ACTIONS_STEP_DEBUG: true
  ACTIONS_RUNNER_DEBUG: true

on:
  push:
    branches: [ main ]
  pull_request:

jobs:
  test:
    runs-on: ubuntu-latest

    strategy:
      matrix:
        node-version: [ 18.x ]

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4.2.2

      - name: Set up Node.js
        uses: actions/setup-node@v3.9.1
        with:
          node-version: ${{ matrix.node-version }}

      - name: Install dependencies
        run: npm ci

      - name: Run tests with coverage
        run: |
          mkdir -p test-results
          npm run test:ci || true  # Continue even if tests fail so reports can still be published

      - name: Upload test results
        uses: actions/upload-artifact@v4.6.2
        with:
          name: mocha-test-results
          path: test-results

      - name: Publish test results to GitHub PR
        uses: dorny/test-reporter@v2.1.0
        if: always()
        with:
          name: Mocha Tests
          path: test-results/junit.xml
          reporter: jest-junit
          fail-on-error: true

      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v5.4.3
        with:
          token: ${{ secrets.CODECOV_TOKEN }}

[dwebsterhbc]

We're also suddenly seeing this with actions/checkout@v4 (and other tags) - we even see this with our own reusable actions in our enterprise orgs. I notice you're using self-hosted - as are we - but I can confirm this issue is also present with github's own ubuntu-latest.

We finally managed to resolve this in our GH Enterprise Cloud setup, and this is what we found:

• We are using reusable workflows from a discrete Org, of which contains repos containing the actual actions/workflows. In each repo, there's a separate actions permissioning option: Repo Settings -> Actions -> General -> Access:

• Only Private actions repos were callable from our Private downstream repos - Internal did not work.

Side Note If you are using SSO, and you update a PAT's perms for, say, the service account running your workflow, you'll need to re-auth that PAT against the SSO-enabled Orgs again (via the Configure SSO drop-down button in the PAT dialog)! This also goes for SSH keys - they need to be individually auth'd (these issues may or may not have added to the overall issue, but leaving them here to spare others the couple of days it took to debug this).