Actions/checkout@v3 can't authenticate on: pull_request

I’m working on a pipeline that will perform some checks on the source code before auto-approving a merge request. However, I’m having issues checking out the source code.

I tried the pull_request and pull_request_target events.

My pipeline looks like this:

name: Auto Approval Pipeline
on:  pull_request
jobs:
  pr-auto-approval:
    runs-on: ubuntu-latest
    permissions:
      pull-requests: write
    steps:
    - uses: actions/checkout@v3
      with:
      # ref: ${{ github.event.pull_request.head.sha }} # with pull_request_target I had to add this line to checkout the right branch.
        token: ${{ secrets.GITHUB_TOKEN }} # tried with and without this line
    - name: Validate json
      id: validate-json
      run: |
        jq . file.json
        [[ "$?" != "0" ]] && exit 1
        echo "INFO: JSON valid."
    - name: auto-approve-action
      uses: hmarr/auto-approve-action@v2
      with:
        github-token: ${{ secrets.GITHUB_TOKEN }} 

Error:

  /usr/bin/git -c protocol.version=2 fetch --no-tags --prune --progress --no-recurse-submodules --depth=1 origin +a02c69be65b1693fe2119d9cce38ee240f68f24c:refs/remotes/pull/9/merge
  remote: Repository not found.
  Error: fatal: repository 'https://github.com/user/myproject/' not found

On a regular pipeline I can check out the code all fine using:

name: Feature Branch Pipeline
on: push
jobs:
  process-json:
    runs-on: ubuntu-latest
    name: Process JSON
    steps:
    - uses: actions/checkout@v3
    - name: First script
      run: |
        ls -lRh .
        jq . file.json

Any ideas appreciated.

Here’s your problem. Without read access to contents the job can’t access the repository contents.

1 Like

Thank you. Adding permissions: contents: read fixed my issue.

1 Like