403 Forbidden: Resource not accessible by integration
supersu-man opened this issue · comments
⨯ 403 Forbidden
"method: post url: https://api.github.com/repos/supersu-man/bumper/releases\n\n Data:\n {\"message\":\"Resource not accessible by integration\",\"documentation_url\":\"https://docs.github.com/rest/reference/repos#create-a-release\"}\n "
Headers: {
"server": "GitHub.com",
"date": "Wed, 11 Jan 2023 12:53:27 GMT",
"content-type": "application/json; charset=utf-8",
/home/runner/work/_actions/samuelmeuli/action-electron-builder/v1/index.js:144
throw err;
^
Error: Command failed: npx --no-install electron-builder --linux --publish always -c.snap.publish=github
at checkExecSyncError (child_process.js:635:11)
at execSync (child_process.js:671:15)
at run (/home/runner/work/_actions/samuelmeuli/action-electron-builder/v1/index.js:21:27)
at runAction (/home/runner/work/_actions/samuelmeuli/action-electron-builder/v1/index.js:132:4)
at Object.<anonymous> (/home/runner/work/_actions/samuelmeuli/action-electron-builder/v1/index.js:1[50](https://github.com/supersu-man/bumper/actions/runs/3892963803/jobs/6644999556#step:5:51):1)
at Module._compile (internal/modules/cjs/loader.js:999:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1027:10)
at Module.load (internal/modules/cjs/loader.js:863:32)
at Function.Module._load (internal/modules/cjs/loader.js:708:14)
at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:60:12) {
status: 1,
signal: null,
output: [ null, null, null ],
pid: 1760,
stdout: null,
stderr: null
}
"content-length": "136",
"x-github-media-type": "github.v3; format=json",
"x-github-api-version-selected": "2022-11-28",
"x-ratelimit-limit": "1000",
"x-ratelimit-remaining": "970",
"x-ratelimit-reset": "1673444667",
"x-ratelimit-used": "30",
"x-ratelimit-resource": "core",
"access-control-expose-headers": "ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset",
"access-control-allow-origin": "*",
"strict-transport-security": "max-age=31536000; includeSubdomains; preload",
"x-frame-options": "deny",
"x-content-type-options": "nosniff",
"x-xss-protection": "0",
"referrer-policy": "origin-when-cross-origin, strict-origin-when-cross-origin",
"content-security-policy": "default-src 'none'",
"vary": "Accept-Encoding, Accept, X-Requested-With",
"x-github-request-id": "9441:1381:3F1F00B:812956B:63BEB147",
"connection": "close"
} failedTask=build stackTrace=HttpError: 403 Forbidden
"method: post url: [https://api.github.com/repos/supersu-man/bumper/releases\n\n](https://api.github.com/repos/supersu-man/bumper/releases/n/n) Data:\n {\"message\":\"Resource not accessible by integration\",\"documentation_url\":\"https://docs.github.com/rest/reference/repos#create-a-release\"}\n "
Headers: {
"server": "GitHub.com",
"date": "Wed, 11 Jan 2023 12:[53](https://github.com/supersu-man/bumper/actions/runs/3892963803/jobs/6644999556#step:5:54):27 GMT",
"content-type": "application/json; charset=utf-8",
"content-length": "136",
"x-github-media-type": "github.v3; format=json",
"x-github-api-version-selected": "2022-11-28",
"x-ratelimit-limit": "1000",
"x-ratelimit-remaining": "970",
"x-ratelimit-reset": "1673444667",
"x-ratelimit-used": "30",
"x-ratelimit-resource": "core",
"access-control-expose-headers": "ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset",
"access-control-allow-origin": "*",
"strict-transport-security": "max-age=31536000; includeSubdomains; preload",
"x-frame-options": "deny",
"x-content-type-options": "nosniff",
"x-xss-protection": "0",
"referrer-policy": "origin-when-cross-origin, strict-origin-when-cross-origin",
"content-security-policy": "default-src 'none'",
"vary": "Accept-Encoding, Accept, X-Requested-With",
"x-github-request-id": "9441:1381:3F1F00B:8129[56](https://github.com/supersu-man/bumper/actions/runs/3892963803/jobs/6644999556#step:5:57)B:[63](https://github.com/supersu-man/bumper/actions/runs/3892963803/jobs/6644999556#step:5:64)BEB147",
"connection": "close"
}
at createHttpError (/home/runner/work/bumper/bumper/node_modules/builder-util-runtime/src/httpExecutor.ts:30:10)
at IncomingMessage.<anonymous> (/home/runner/work/bumper/bumper/node_modules/builder-util-runtime/src/httpExecutor.ts:197:13)
at IncomingMessage.emit (events.js:412:35)
at endReadableNT (internal/streams/readable.js:1333:12)
at processTicksAndRejections (internal/process/task_queues.js:[82](https://github.com/supersu-man/bumper/actions/runs/3892963803/jobs/6644999556#step:5:83):21)
I'm also having this issue. Gonna leave the comment in the hopes someone fixes it.
I'm also having this issue. Gonna leave the comment in the hopes someone fixes it.
Did you try creating a release before using this action ? or maybe tried for a workaround?
I'm also having this issue. Gonna leave the comment in the hopes someone fixes it.
Did you try creating a release before using this action ? or maybe tried for a workaround?
I tried creating a release, as it seemed the only workaround, but it didn't work. I didn't try any other workaround, though.
I'm also having this issue. Gonna leave the comment in the hopes someone fixes it.
Did you try creating a release before using this action ? or maybe tried for a workaround?
I tried creating a release, as it seemed the only workaround, but it didn't work. I didn't try any other workaround, though.
The action is not working anymore, I've made a test repo and been testing by making changes to .yml file but no luck.
The GITHUB_TOKEN that's automatically generated for the workflow doesn't have permission to create the release, hence the 403.
The easiest solution is to allow Read and write permissions in the repo's Actions settings:
-
Go to: https://github.com/__REPO_OWNER__/__REPO_NAME__/settings/actions
(Your Repo -> Settings -> Actions -> General) -
Update the permission under
Workflow permissions, then save.
More info:
https://docs.github.com/en/actions/security-guides/automatic-token-authentication
The
GITHUB_TOKENthat's automatically generated for the workflow doesn't have permission to create the release, hence the 403.The easiest solution is to allow
Read and write permissionsin the repo's Actions settings:
- Go to: https://github.com/__REPO_OWNER__/__REPO_NAME__/settings/actions
(Your Repo -> Settings -> Actions -> General)- Update the permission under
Workflow permissions, then save.More info: https://docs.github.com/en/actions/security-guides/automatic-token-authentication
I can attest that this method is currently functional, and may just be the workaround for those who are waiting for a change in the action itself.
I can attest that this method is currently functional, and may just be the workaround for those who are waiting for a change in the action itself.
@Gilvan-Araujo I wouldn't call it a "workaround". This isn't an issue with the the action itself. Actions shouldn't be able to set what permissions they have, so there's nothing to fix here.
Maybe it should be better documented now though, because for new repos, the permissions for the auto-generated GITHUB_TOKEN are all read-only now.
So people can either use the solution I posted above, use a Personal Access Token, or set the permissions key in their workflow file.
Please, add documentation about this in the README.