I am new to Github Actions, I am trying to automate a process, and I am doing the follow:
name: Versioning
on:
pull_request_review:
types:
- submitted
jobs:
update-version:
if: github.event.review.state == 'approved' && github.event.pull_request.state == 'open'
runs-on: windows-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.ref }}
fetch-depth: 0
- name: Update Version
shell: pwsh
run: |
$baseRef = "${{ github.event.pull_request.base.ref }}"
$headRef = "${{ github.event.pull_request.head.ref }}"
$wixInstallerPath = "MyApp X86 Installer/Product.wxs"
$wixInstaller = Get-Content -Path $wixInstallerPath
$minor = [regex]::Match($wixInstaller, '(?<=<Product[^>]*Version=")\d+\.\d+\.(\d+)').Groups[1].Value
$revision = [regex]::Match($wixInstaller, '(?<=<Product[^>]*Version="\d+\.\d+\.\d+\.)(\d+)').Groups[1].Value
$oldVersion = "$baseRef.$minor.$revision"
if ($headRef.StartsWith("feature-")) {
$minor = [int]$minor + 1
$revision = 0
} else {
$revision = [int]$revision + 1
}
$newVersion = "$baseRef.$minor.$revision"
# Update WiX installer file
(Get-Content -Path $wixInstallerPath) -replace '(?<=<Product[^>]*Version=")\d+\.\d+\.\d+\.\d+', $newVersion | Set-Content -Path $wixInstallerPath
$repoPath = "https://${{ secrets.GITHUB_TOKEN }}@github.com/bioacesso/gerenciador-facial.git";
# Commit the changes
git config --global user.name "Mybot"
git config --global user.email "github@myapp.net"
git add -u
git commit -m "Please work"
git push --repo=$repoPath
I am getting this error:
1 file changed, 1 insertion(+), 1 deletion(-)
remote: Write access to repository not granted.
fatal: unable to access 'https://github.com/myapp/myapp.git/': The requested URL returned error: 403
I have tried using my own token with all grants, i have tried using secrets, and even push the access token directly into code, with and without the username. But the error persists.
Any ideas?
Depending on your org- and repo-level configuration settings for actions, the default GITHUB_TOKEN
has only read access. You can elevate permissions at the workflow level or at the job level.
For example, to allow writing content for your job:
jobs:
update-version:
if: >-
github.event.review.state == 'approved'
&& github.event.pull_request.state == 'open'
runs-on: windows-latest
permissions:
contents: write