Giters

gitleaks / gitleaks

Protect and discover secrets using Gitleaks 🔑

Home Page:https://gitleaks.io

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Resource not accessible by integration

rjuevesano opened this issue · comments

commented

Describe the bug
Just copied from the example

name: credential-scan

on: [pull_request, push, workflow_dispatch]

jobs:
  credential-scan:
    runs-on: ubuntu-latest
    
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - uses: gitleaks/gitleaks-action@v2
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }}

To Reproduce
Steps to reproduce the behavior:

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots

/home/runner/work/_actions/gitleaks/gitleaks-action/v2/dist/index.js:48843
      const error = new requestError.RequestError(toErrorMessage(data), status, {
                    ^

RequestError [HttpError]: Resource not accessible by integration
    at /home/runner/work/_actions/gitleaks/gitleaks-action/v2/dist/index.js:48843:21
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Object.ScanPullRequest (/home/runner/work/_actions/gitleaks/gitleaks-action/v2/dist/index.js:70602:17)
    at async start (/home/runner/work/_actions/gitleaks/gitleaks-action/v2/dist/index.js:71362:16) {
  status: 403,
  response: {
    url: 'https://api.github.com/repos/<org>/<repo>/pulls/5/commits',
    status: 403,
    headers: {
      'access-control-allow-origin': '*',
      'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset',
      connection: 'close',
      'content-encoding': 'gzip',
      'content-security-policy': "default-src 'none'",
      'content-type': 'application/json; charset=utf-8',
      date: 'Wed, 14 Feb 2024 12:17:55 GMT',
      'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
      server: 'GitHub.com',
      'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',
      'transfer-encoding': 'chunked',
      vary: 'Accept-Encoding, Accept, X-Requested-With',
      'x-accepted-github-permissions': 'pull_requests=read',
      'x-content-type-options': 'nosniff',
      'x-frame-options': 'deny',
      'x-github-api-version-selected': '2022-11-28',
      'x-github-media-type': 'github.v3; format=json',
      'x-github-request-id': '6402:588A:DBBC43:1BA5CC0:65CCAF73',
      'x-ratelimit-limit': '1000',
      'x-ratelimit-remaining': '997',
      'x-ratelimit-reset': '1707916669',
      'x-ratelimit-resource': 'core',
      'x-ratelimit-used': '3',
      'x-xss-protection': '0'
    },
    data: {
      message: 'Resource not accessible by integration',
      documentation_url: 'https://docs.github.com/rest/pulls/pulls#list-commits-on-a-pull-request'
    }
  },
  request: {
    method: 'GET',
    url: 'https://api.github.com/repos/<org>/<repo>/pulls/5/commits',
    headers: {
      accept: 'application/vnd.github.v3+json',
      'user-agent': 'octokit-rest.js/18.12.0 octokit-core.js/3.6.0 Node.js/20.8.1 (linux; x64)',
      authorization: 'token [REDACTED]'
    },
    request: { hook: [Function: bound bound register] }
  }
}

Basic Info (please complete the following information):

  • OS:
  • Gitleaks Version: 2

Additional context
Add any other context about the problem here.

cc @zricethezav