search

JuliaRegistries / TagBot

Creates tags, releases, and changelogs for your Julia packages when they're registered
https://github.com/marketplace/actions/julia-tagbot
MIT License
94 stars 20 forks source link

ssh deploy key seems to be a must-to-have thing #239

Closed johnnychen94 closed 3 months ago

johnnychen94 commented 2 years ago

I still get the "Resource not accessible by integration" error (https://github.com/JuliaRegistries/TagBot/issues/222) in https://github.com/johnnychen94/LazyModules.jl/runs/6449253549?check_suite_focus=true after upgrading the config to

name: TagBot
on:
  issue_comment:
    types:
      - created
  workflow_dispatch:
    inputs:
      lookback:
        default: 3
permissions:
  contents: write
jobs:
  TagBot:
    if: github.event_name == 'workflow_dispatch' || github.actor == 'JuliaTagBot'
    runs-on: ubuntu-latest
    steps:
      - uses: JuliaRegistries/TagBot@v1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}

so I tried to add ssh-key and rerun the TagBot workflow, this time it worked.

ericphanson commented 1 year ago

This is now a "troubleshooting tip" (https://github.com/JuliaRegistries/TagBot#i-am-seeing-some-kind-of-permissions-error) though it would be good to figure out why this is needed in some cases

odow commented 11 months ago

This is happening for https://github.com/jump-dev/SDPLR.jl. One reason might be that it was recently moved from @blegat's account to @jump-dev.

omus commented 4 months ago
I've also noticed the problem with "Resource no accessible by integration" ``` Traceback (most recent call last): File "/root/tagbot/action/__main__.py", line 96, in repo.create_release(version, sha) File "/root/tagbot/action/repo.py", line 605, in create_release self._repo.create_git_ref(f"refs/tags/{version_tag}", tag.sha) File "/usr/local/lib/python3.8/site-packages/github/Repository.py", line 1023, in create_git_ref headers, data = self._requester.requestJsonAndCheck( File "/usr/local/lib/python3.8/site-packages/github/Requester.py", line 398, in requestJsonAndCheck return self.__check( File "/usr/local/lib/python3.8/site-packages/github/Requester.py", line 423, in __check raise self.__createException(status, responseHeaders, output) github.GithubException.GithubException: 403 {"message": "Resource not accessible by integration", "documentation_url": "https://docs.github.com/rest/git/refs#create-a-reference", "status": "403"} ``` Notice the call to `create_git_ref` which is failing when trying to create the Git tag reference after creating the tag object (see these [instructions](https://docs.github.com/en/rest/git/tags?apiVersion=2022-11-28#create-a-tag-object)). The issue is the same as https://github.com/orgs/community/discussions/68932 which mentions that failure do not occur when working with the `HEAD` commit of a branch.

If you want to temporarily work around this problem you can have this GHA succeed if you manually create a branch against the commit SHA where the tag will be created. Doing this allows the create_git_ref API call to succeed.