Skip to content

"Maintainers are allowed to edit this pull request" PR toggle is not honored by github actions #684

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
kayrus opened this issue May 20, 2025 · 1 comment
Open

"Maintainers are allowed to edit this pull request" PR toggle is not honored by github actions #684

kayrus opened this issue May 20, 2025 · 1 comment
Labels
status: pending More info is needed before deciding what to do status: stale Inactive issues and PRs

Comments

@kayrus
Copy link

kayrus commented May 20, 2025
edited
Loading

Describe the bug

When a PR is happened from the remote repo, the add-and-commit action fails with the The requested URL returned error: 403 error message

Workflow used

name: Check & Fix License Header

on:
  pull_request:
    types: [opened, synchronize, reopened]

jobs:
  build-license-eye:
    name: Build LicenseEye
    runs-on: [ ubuntu-latest ]
    permissions:
      contents: read

    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          repository: ${{ github.event.pull_request.head.repo.full_name }}
          ref: ${{ github.event.pull_request.head.ref }}

      - name: Check License Header
        uses: apache/skywalking-eyes/header@v0.6.0
        with:
            config: .github/licenserc.yaml
            mode: fix

  apply-license-header:
    name: Apply LicenceHeader
    runs-on: [ ubuntu-latest ]
    permissions:
      contents: write

    steps:
    - name: Checkout
      uses: actions/checkout@v4
      with:
        token: ${{ secrets.GITHUB_TOKEN }}
        repository: ${{ github.event.pull_request.head.repo.full_name }}
        ref: ${{ github.event.pull_request.head.ref }}

    - name: Check License Header
      uses: apache/skywalking-eyes/header@v0.6.0
      with:
          config: .github/licenserc.yaml
          mode: fix

    - name: Apply Changes
      uses: EndBug/add-and-commit@v9
      env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      with:
          author_name: License Bot
          author_email: license_bot@github.com
          message: 'Automatic application of license header'

Expected behavior

The commit should be a part of the repo maintainers.

I'm not sure if I need to create a github bot user and give it org permissions along with PAT token creation to avoid 403 permissions issue.

Logs

https://github.com/sapcc/digicert-issuer/actions/runs/14902614646/job/42206861418?pr=66

UPD: relates to #478, but it's not clear how exactly to create a PAT. Which permissions are needed.
@kayrus kayrus added the status: pending More info is needed before deciding what to do label May 20, 2025
@github-actions GitHub Actions
Copy link

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the status: stale Inactive issues and PRs label Jun 11, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: pending More info is needed before deciding what to do status: stale Inactive issues and PRs
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kayrus