0

According to GitHub Docs, one can use GitHub CLI commands in a workflow.

I am trying to programmatically update the description of the repository from a workflow in that repository, and the only solution I found was using the GitHub CLI:

name: update repo 
on: push
jobs:
  update:
    runs-on: ubuntu-latest
    permissions: write-all
    steps:
      - name: 'Checkout repository'
        uses: actions/checkout@v3

      - name: 'Update repository description'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: gh repo edit --description "test"

but even with permissions: write-all, I still get the error:

HTTP 403: Resource not accessible by integration
Qunatized
  • 197
  • 1
  • 9
  • 1
    This might be something you can't to with `GITHUB_TOKEN`, and you need to use a personal access token instead. – Benjamin W. Aug 03 '23 at 16:55
  • @BenjaminW. Yeah just checked; you can do it with a personal access token with "Administration" permission for the repo. I wonder if there is a way around that. – Qunatized Aug 03 '23 at 17:24
  • I don't think you can get away with less permissions than Admin/write on the repo, see [this list](https://docs.github.com/en/rest/overview/permissions-required-for-fine-grained-personal-access-tokens?apiVersion=2022-11-28#repository-permissions-for-administration). You can at least create a fine-grained access token that's scoped to just that one repo, instead of read/write on everything in the org, as the legacy PAT would have. – Benjamin W. Aug 03 '23 at 17:37
  • @BenjaminW. no I meant not having to create a personal access token, but apparently there is no way. – Qunatized Aug 03 '23 at 19:35

0 Answers0