Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

push-to-fork fails with Resource not accessible by personal access token #1791

Open
oscarbenjamin opened this issue Apr 1, 2023 · 3 comments
Open

push-to-fork fails with Resource not accessible by personal access token #1791

oscarbenjamin opened this issue Apr 1, 2023 · 3 comments

Comments

@oscarbenjamin
Copy link

Subject of the issue

I am trying to follow the instructions for push-to-fork with a machine user from here:
https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#push-pull-request-branches-to-a-fork

It currently succeeds in pushing to the machine account's fork but fails to create the pull request back to my repo with:

Create or update the pull request
  Attempting creation of pull request
  Error: Resource not accessible by personal access token

https://github.com/oscarbenjamin/protosym/actions/runs/4583286227/jobs/8094040007

The workflow is in a repo under my account but has been given a fine grained PAT to access the machine account:
https://github.com/oscarbenjamin/protosym/blob/147544959f655f2fc1c5a599e6464d962cff3624/.github/workflows/updater.yml#L22-L23

I'm unsure what this error means as in whether it means that the particular PAT does not have enough permissions or if it is that the action is not something that can be done by any PAT.

The permissions given to the fine grained PAT from the machine account are limited to the machine account's fork ("only select repositories") and are given as:

  • Contents read/write
  • metadata read
  • workflows read/write
  • pull requests read/write

In my repo in the actions settings I have ticked the box that says "Allow GitHub Actions to create and approve pull requests". I also tried selecting the "Read and write access" under "workflow permissions".

Is there something else that I am missing here?
@oscarbenjamin
Copy link
Author

I switched to using a classic PAT from the machine account with "repo" and "workflow" scope and then it worked.

@oscarbenjamin
Copy link
Author

I have tried using a fine grained PAT again and giving it every possible permission to the machine account and all of its repos but it still fails to open the pull request.

Maybe it is just not possible to get this setup working with a fine grained PAT.

@peter-evans
Copy link
Owner

Hi @oscarbenjamin

Maybe it is just not possible to get this setup working with a fine grained PAT.

That would not surprise me. Fine-grained access tokens are still in beta and I know that GitHub's GraphQL API is not supported yet. This action uses the REST API, which supposedly is supported, but perhaps some edge cases are not covered yet.

Error: Resource not accessible by personal access token

I've not seen this error message before, and it seems likely that the meaning is that the new fine-grained access tokens aren't supported for that particular case.

@dholbach dholbach mentioned this issue Apr 5, 2023
Closed
@peter-evans peter-evans mentioned this issue May 8, 2023
Open
@peter-evans peter-evans mentioned this issue Jun 13, 2023
Closed
@peter-evans peter-evans mentioned this issue Sep 23, 2023
Closed
@peter-evans peter-evans mentioned this issue Oct 12, 2023
Open
@russellbanks russellbanks mentioned this issue Jan 28, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@oscarbenjamin @peter-evans