Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

"Resource not accessible by integration" #10

Open
AstraLuma opened this issue Sep 3, 2019 · 62 comments
Open

"Resource not accessible by integration" #10

AstraLuma opened this issue Sep 3, 2019 · 62 comments

Comments

@AstraLuma
Copy link

https://github.com/ppb/pursuedpybear/pull/359/checks?check_run_id=211188070

https://github.com/ppb/pursuedpybear/blob/master/.github/workflows/greetings.yml
@JeroenKnoops JeroenKnoops mentioned this issue Oct 11, 2019
Closed
@JJ
Copy link

JJ commented Oct 23, 2019
edited
Loading

This happens as soon as the person creating the PR does not have permission to the repository. I've been all day with this, and there does not seem to be a solution. Same problem as here actions/labeler#12.

@JJ JJ mentioned this issue Oct 23, 2019
Closed
@AstraLuma
Copy link
Author

Eh? Actions run under their own credentials, not as a user??

@JJ
Copy link

JJ commented Oct 26, 2019

Actions run as an user, but when they are running in a fork there are potential security problems, so they are degraded to "read-only"

@AstraLuma
Copy link
Author

I'm confused. This is an action configured in the main repo for a PR in the main repo?

@AstraLuma
Copy link
Author

AstraLuma commented Oct 28, 2019
edited
Loading

Oh, PR events are sent to the fork under the source branch, not to to the target repo/branch?

@mangelajo
Copy link

Ok, github needs to fix this. I'm facing the same thing while trying to create an action.

@kaxil kaxil mentioned this issue Jan 4, 2020
Merged
6 tasks
@kaxil
Copy link

kaxil commented Jan 6, 2020

We faced similar issue when trying to use greeting for Airflow project (https://github.com/apache/airflow). So we developed a Github app which is working well for us in case someone faces similar issue:

https://github.com/kaxil/boring-cyborg

@OlegZharkov OlegZharkov mentioned this issue Feb 28, 2020
Closed
@joshgoebel
Copy link

joshgoebel commented Mar 3, 2020
edited
Loading

Is this the same issue as with labeler? actions/labeler#50

If so, can the same solution also be applied (at least as a stopgap)? Very frustrating that Github seems to push these actions hard in their UI but then they don't work with the most common use case on GitHub for OSS projects.

@joshgoebel joshgoebel mentioned this issue Mar 3, 2020
Closed
@gunnsth
Copy link

gunnsth commented Mar 4, 2020
edited
Loading

Getting this too: https://github.com/unidoc/unipdf/pull/269/checks?check_run_id=486244746
Would make sense to skip the action if needed resources are not available? Or an option to make it required/optional. Some actions might be required, but a greeting hardly, but this is flagging a valid PR as failing due to this.

@joshgoebel
Copy link

Some actions might be required, but a greeting hardly, but this is flagging a valid PR as failing due to this.

Yes, very good point also. Not all actions are created equal (in that they should kill the whole workflow from moving forward).

@Borda
Copy link

Borda commented Mar 9, 2020

the same issue also here - https://github.com/PyTorchLightning/pytorch-lightning/pull/1101/checks?check_run_id=496573752

gunnsth added a commit to unidoc/unipdf that referenced this issue Mar 9, 2020
@gunnsth
Stop greeting on PRs as does not work with Actions
ed30fe6 
See
actions/first-interaction#10
@amey-kudari amey-kudari mentioned this issue Mar 17, 2020
Closed
@bkimminich bkimminich mentioned this issue Mar 18, 2020
Closed
@AstraLuma AstraLuma mentioned this issue Mar 21, 2020
Closed
@sakshi-mishra sakshi-mishra mentioned this issue Mar 23, 2020
Closed
@peaceiris peaceiris mentioned this issue Mar 24, 2020
Closed
@joshgoebel
Copy link

joshgoebel commented Apr 19, 2020
edited
Loading

Anyone alive here: Is this the same issue as with labeler? actions/labeler#50

I added this to a project but I guess I'm about to rip it out - the use case seems extremely limited - not at all suited for large OSS projects with many contributors. And those are exactly the projects where this type of thing would be most helpful.

@Ecco
Copy link

Ecco commented Apr 19, 2020
edited
Loading

Unfortunately this is not specific to a given action / repository.

Anyone hit by this, please read this long comment I wrote and feel free to upvote it.

@mikebrow mikebrow mentioned this issue Apr 21, 2020
Merged
@orf orf mentioned this issue May 1, 2020
Open
@omurilo omurilo mentioned this issue May 6, 2020
Merged
omurilo added a commit to lucasmontano/twitch that referenced this issue May 7, 2020
@omurilo
Remote on pull_request first interaction
7fc3c8f 
Because a creator of PR not have write permission on repository, this actions fail on all the PR created by community.

This bug it is related on actions/first-interaction#10
@omurilo omurilo mentioned this issue May 7, 2020
Merged
omurilo added a commit to lucasmontano/twitch that referenced this issue May 7, 2020
@omurilo
fix: remove run this in pull_request first interaction
9358bd1 
Because a creator of PR not have write permission on repository, this actions fail on all the PR created by community.

This bug it is related on actions/first-interaction#10
@gerw gerw mentioned this issue Jul 22, 2023
Merged
Bouni pushed a commit to Bouni/python-luxtronik that referenced this issue Jul 22, 2023
@gerw @Bouni
Update pytest.yml
0735765 
According to actions/first-interaction#10 (comment), this should fix the issue with the failing of pytest on pull requests from forks.
@tianyin tianyin mentioned this issue Jul 26, 2023
Merged
miniTalDev added a commit to miniTalDev/yolov5-lip-detection that referenced this issue Aug 6, 2023
@miniTalDev
update greetings.yml with pull_request_target (#677)
834f943 
Should resolve "Resource not accessible by integration" error message.

actions/first-interaction#10 (comment)
@simonsan simonsan mentioned this issue Aug 21, 2023
Closed
@rootxrishabh rootxrishabh mentioned this issue Sep 9, 2023
Open
@ClementWalter ClementWalter mentioned this issue Sep 11, 2023
Merged
9 tasks
@ZeLonewolf ZeLonewolf mentioned this issue Sep 22, 2023
Merged
@rootxrishabh rootxrishabh mentioned this issue Sep 29, 2023
Draft
7 tasks
This was referenced Oct 5, 2023
Closed
Merged
@LouisBrunner LouisBrunner mentioned this issue Oct 18, 2023
Closed
@aatmanvaidya aatmanvaidya mentioned this issue Oct 27, 2023
Closed
@asumagic asumagic mentioned this issue Dec 1, 2023
Draft
13 tasks
BlazingTwist added a commit to BlazingTwist/Clean-Code-Development-Jchess that referenced this issue Dec 4, 2023
@BlazingTwist
Update maven.yml
f16d4bd 
actions/first-interaction#10 (comment)
@kchason kchason mentioned this issue Jan 12, 2024
Merged
@samamorgan samamorgan mentioned this issue Jan 19, 2024
Merged
@LouisBrunner LouisBrunner mentioned this issue Jan 26, 2024
Closed
@Keyrxng Keyrxng mentioned this issue Feb 18, 2024
Closed
@psturc psturc mentioned this issue Feb 20, 2024
Closed
@jbampton jbampton mentioned this issue Mar 2, 2024
Closed
@barbaracabral
Copy link

I had the same issue executing the Zap Action code scan with docker config: https://github.com/zaproxy/action-api-scan

risvh added a commit to risvh/OneLifeData7 that referenced this issue Mar 26, 2024
@risvh
Made commenting on PR work when the PR's creator doesn't have write a…
b30fb0f 
…ccess to our repo

Relevant read:

Resource not accessible by integration
actions/first-interaction#10 (comment)
actions/first-interaction#10 (comment)

Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
@valeriazagontova valeriazagontova mentioned this issue Mar 30, 2024
Closed
connorhsm pushed a commit to twohoursonelife/OneLifeData7 that referenced this issue Apr 8, 2024
@risvh @connorhsm
Made commenting on PR work when the PR's creator doesn't have write a…
7ee4787 
…ccess to our repo

Relevant read:

Resource not accessible by integration
actions/first-interaction#10 (comment)
actions/first-interaction#10 (comment)

Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Wowlian added a commit to Wowlian/linkedin-skill-assessments-quizzes that referenced this issue May 27, 2024
@Wowlian
- fix for greetings.yml
c8da7f8 
actions/first-interaction#10 (comment)
@HakunMatat4
Copy link

I have crossed this problem and the solution was nothing but ironic.
After searching for the error message, I crossed this code block that somehow made into the action I was working on but I never noticed it until now.

I tried setting extra permissions but in my case the action doesn't need it at all. I believe the id-token was messing everything and in my case, I removed that whole permissions block which no other action uses it and voila.
The workflow is processing 100% now.

permissions:
  id-token: write
  contents: read
  issues: write
  pull-requests: write

Sources:

  1. The hero: https://sjramblings.io/github-actions-resource-not-accessible-by-integration
  2. Oficial documentation: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github\_token

@JackEblan JackEblan mentioned this issue Aug 27, 2024
Closed
MichaelAnderson-AI added a commit to MichaelAnderson-AI/upwork-yolo-swift that referenced this issue Oct 23, 2024
@MichaelAnderson-AI
update greetings.yml with pull_request_target (#677)
894b38f 
Should resolve "Resource not accessible by integration" error message.

actions/first-interaction#10 (comment)
@tuliren tuliren mentioned this issue Nov 12, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests