Giters

softprops / action-gh-release

📦 :octocat: GitHub Action for creating GitHub Releases

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Getting 403 on this workflow

ahoiroman opened this issue · comments

commented

Hello,

I saw a lot of issues dealing with the 403-thing, which could mean that there is a bug or the docs are lacking some information. I am happy to extend the docs once I fix the issue myself.

My workflow:

name: Build and Release

on:
  push:
    tags:
      - "v*.*.*"

permissions:
  contents: write

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Install PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: '8.2'
          extensions: mbstring, zip

      - name: Install PHP dependencies
        run: composer install --no-interaction --prefer-dist

      - name: Use Node.js 16.13.0
        uses: actions/setup-node@v2
        with:
          node-version: 16.13.0

      - name: Install required npm version
        run: npm -g install npm@8.5.5

      - name: Install npm dependencies
        run: npm ci

      - name: Build assets
        run: npm run build

      - name: Create release zip
        run: zip -r release.zip .
        if: success()

      - name: Upload release.zip to GitHub Releases
        uses: softprops/action-gh-release@v1
        with:
          files: release.zip
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

This fails with

👩‍🏭 Creating new GitHub release for tag v.0.5.0... ⚠️ GitHub release failed with status: 403 undefined retrying... (2 retries remaining)

Permissions should be set globally for the workflow, right?

permissions:
  contents: write
commented

Hello, @ahoiroman!

I just tested this Action for the very first time in one of my repositories and it succeeded without any problems, so I started comparing your workflow definition from above with my workflow. The main difference between them is that I do not apply the GITHUB_TOKEN environment variable as the documentation states that the workflow's token would be used, by default, anyway; see https://github.com/softprops/action-gh-release/blob/master/README.md?plain=1#L182.

Does your workflow succeed if you remove the last two lines from the above definition?

commented

In the repo settings, under Actions / General / Workflow Permissions make sure you select "read and write permissions". It seems that GitHub changed the default to the more restrictive option for new repos at some point.

commented

check this comment out! #236 (comment)