merge-upstream-changes.yml workflow not created in mageos-magento2-functional-testing-framework repo

[Vinai]

The resource https://github.com/mage-os/mageos-magento2-functional-testing-framework/blob/develop/.github/workflows/merge-upstream-changes.yml was not created by terraform.

Currently the reason is unknown. The code at https://github.com/mage-os/terraform/blob/60aee7bbbfd5a713aff2924d8dcb57a1666be486/main.tf#L185 looks fine.

[sprankhub]

Looking at the plan in https://github.com/mage-os/terraform/pull/72#issuecomment-1712139504, it looks like many of these files were not yet created, but are now during the next action run. So I assume this is fixed as soon as we merge the PR and the actions are run.

[sprankhub]

Hmm we currently get a "Resource not accessible by integration" error: https://github.com/mage-os/terraform/actions/runs/6126213057/job/16630053322

Not sure why this happens at the moment...

[sprankhub]

Not sure how this ever worked :) Maybe GitHub changed the required permissions or something...

Terraform uses a GitHub App to execute the required changes in GitHub. This GitHub App requests certain permissions. We had write permissions for the /contents/ API endpoint already. However, the culprit is that files under .github/workflows need additional permissions, see https://docs.github.com/en/rest/repos/contents?apiVersion=2022-11-28#create-or-update-file-contents:

Creates a new file or replaces an existing file in a repository. You must authenticate using an access token with the repo scope to use this endpoint. If you want to modify files in the .github/workflows directory, you must authenticate using an access token with the workflow scope.

I added the workflow scope to our GitHub App now and this fixed the issue. The successful run now added missing files like https://github.com/mage-os/mageos-composer/blob/develop/.github/workflows/merge-upstream-changes.yml.