Experiencing workflow run failures

[crabdancing]

The repo in question can be found here.

I am new to Github workflows, so I've probably done something wrong here. Here is the error:

In text:

  remote: Permission to alxpettit/httm-flake.git denied to github-actions[bot].
  fatal: unable to access 'https://github.com/alxpettit/httm-flake/': The requested URL returned error: 403

[cole-h]

Since you specified the permissions: block in your workflow, GitHub sets everything that you don't specify to read (or otherwise breaks all the not-explicitly-set permissions). Try playing with the permissions set there. I think maybe contents: write might make it work again?

[crabdancing]

I got the same error before setting the permissions block, actually. But I'll try it :)

[crabdancing]

Hmm, now I'm getting:

Create or update the pull request
  Attempting creation of pull request
  Error: GitHub Actions is not permitted to create or approve pull requests.

[cole-h]

You might actually need pull-requests: write, and/or you might need to enable the setting on your repo that allows GitHub actions to create and approve PRs in Settings > Actions > General:

[sellout]

I ran into this the other day, too. It seems like you need both

permissions:
  contents: write # to push the branch for the PR
  pull-requests: write # to open the PR

and checking that checkbox in Settings>Actions>General¹.

These should probably be added to the docs.

Footnotes

1. I use Probot’s Settings app. I’m not certain, but I think the corresponding settings.yml entry is

   actions:
     permissions:
       workflow:
         can_approve_pull_request_reviews: true
   

   See https://docs.github.com/en/rest/actions/permissions?apiVersion=2022-11-28#set-default-workflow-permissions-for-an-organization ↩

[crabdancing]

Oh, thank you @sellout! I'll keep this issue open to track the documentation issue, but my personal issue has been solved :)