We have built an automated workflow for our releases using GitHub Actions. The problem is that currently our dev branch is not protected, and occasionally users with write access mistakenly push to the dev branch. We don’t want that to happen. However, making our dev branch “protected” will break our automated release workflow. Is there a way (a workaround, or whatever works) to let actions-user push to the dev branch while stopping other users from doing so (at least regular users; in our case, since there are only 1-2 admins, it’s fine if they can also push to the dev branch)?
You should be able to use the “Restrict who can push to matching branches” setting to exclude people from the protected branch rules. Unfortunately, you’re only able to select user accounts here, so you aren’t able to select the Actions bot directly.
To get around this you’ll need to select a user that has write access to the repository. Then you’ll need to create a Personal Access Token for this user, pass that into your workflow as a secret, and then use it in place of the default Actions token.
I believe that should then give your Actions workflow permission to push back to your repository’s protected branch while blocking other users from doing so.
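The workaround described in the answer above, sketched as a workflow file. This is an added example, not part of the original thread or anyone's actual release workflow; the secret name `RELEASE_PAT`, the `VERSION` file, the `version` input and the bot identity are assumptions.

```yaml
# Added example. Assumed names: RELEASE_PAT secret, VERSION file, release-bot identity.
name: release

on:
  workflow_dispatch:
    inputs:
      version:
        description: Version to release
        required: true

# The default GITHUB_TOKEN only needs read access here,
# because the push to the protected branch is done with the PAT.
permissions:
  contents: read

jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: dev
          # PAT belonging to the account that is listed under
          # "Restrict who can push to matching branches".
          # checkout stores it in the local git config, so the
          # later `git push` authenticates as that account.
          token: ${{ secrets.RELEASE_PAT }}

      - name: Commit release changes and push to dev
        env:
          # Pass the input through the environment instead of
          # interpolating it into the script text.
          RELEASE_VERSION: ${{ inputs.version }}
        run: |
          git config user.name "release-bot"
          git config user.email "release-bot@example.invalid"
          printf '%s\n' "$RELEASE_VERSION" > VERSION
          git add VERSION
          git commit -m "Release $RELEASE_VERSION"
          git push origin dev
```

Because the PAT carries that account's push rights to the protected branch, keep it as narrow as possible (for example a fine-grained token limited to this repository with read and write access to Contents) and store it only as a repository secret.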