Refusing to allow an integration to create or update.

Hi there,

I am trying to move our CI system from azure to GitHub Actions. Unfortunately, our contributors having problems after I added .github/workflows/ci.yml to master. They cannot update their fork on of them are getting this:

![remote rejected] master -\>master (refusing to allow an integration to create or update .github/workflows/ci.yml)
error: failed to push some refs to'https://github.com/nopara73/WalletWasabi.git'

He enabled actions on his fork. 

https://github.com/zkSNACKs/WalletWasabi/issues/2329

He is using the HTTPS URL in git.

Is there any solution to this? Forcing the contributors to use SSH is not an option. 

Thank you in advance. 

12 Likes

Apologies for the inconvenience here.  We added restrictions to ensure that applications (with application tokens) cannot update workflows.

Regrettably, some user agents - that also create application tokens - were affected by this.

Tools like Git Kraken and GitHub Desktop should be updated to request updated application tokens - if you’re using one of those clients, you should be able to log out and log back in to refresh your token, then you should be able to push a workflow.

4 Likes

Thank you for your answer! I am still not sure I understand it correctly. 

Sorry for the plain composition, just to make it clear: you are saying that we cannot use git command line with HTTPS remotes if we would like to have github actions?

Because for me it looks like anyone who has remotes with HTTPS URL will be rejected to update any file in the repo. 

Best regards,

Dave

2 Likes

I’m seeing the same issue trying to push to a fork of a repo that recently added GitHub actions. I’m not trying to touch them, just trying to update my fork to sync with the upstream, but I’m running into this error.

2 Likes

I did not encounter the problem because I am using SSH as a git remote. But anyone who is using HTTPS will be refused. Try it with SSH and let me know if it helps or not. 

I did not try this but if you are using a token that should be fine too even on HTTPs remote. 
https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line

Hey @ethomson!

I’m using Git for Windows (command line) with Git Credential Provider. I’ve enabled Actions on my fork, but git push from command line still gives the error. I understand I need to somehow invalidate the current token so it re-requests authentication against my fork? 

How do I “sign out”?

Thanks!

Kirill

1 Like

I tried reading the docs here:

https://github.com/microsoft/Git-Credential-Manager-for-Windows/blob/master/Docs/CredentialManager.md

but couldn’t figure out how to do it.

OK I found a solution here:

https://github.com/gitextensions/gitextensions/issues/4916#issuecomment-557509451

Needed to go to Credential Manager in Windows, switch to “Windows”, find the Git credential and delete it. This forced Git Credential Manager to re-prompt me to sign in to GitHub and push worked after that.

This is highly non-obvious, please consider updating the error message returned from the server to be more informative, ideally link to a doc on the web teaching you how to invalidate the token on various clients and operating systems. Thanks!

26 Likes

I had the same problem and I resolved it by editing the file through the web interface of github: Open the repositori with browser in github -> click on the Actions tab -> choose the action you want to edit -> run build

Disconnecting and connecting Gitkraken from Github worked ! Thanks

That helped,  thanks!

I was using https://github.com/actions/checkout and got a similar error. Solution was creating a new token with workflows permisison in GitHub, adding it as a secret and then giving it to the checkout action like this:

- uses: actions/checkout@v2
  with:
    token: ${{ secrets.ACTIONS_TOKEN }}
1 Like