Unable to create/update workflow files using the API

Hi all,

I’m using a GitHub App, and have read/write permissions to repository contents. My code can call the Create File API successfully, as long as the file is not in the .github/workflows directory. If I try to create any file in the .github/workflows directory, the API returns back 403 Resource not accessible by integration [].

I’ve been playing around here, and this code works 100% of the time if I change the directory to anything other than .github/workflows, and it fails 100% of the time when I try to create a file in that directory. Is there an additional permission needed to manage content in this directory?

Thanks!

2 Likes

I’ve made a gist that makes this problem easier to reproduce: https://gist.github.com/marccampbell/a3d1b6aad604c90546507fc2aa913946

Answering my own question here:  GitHub Apps cannot edit files in this directory. It’s a limitation imposed for security reasons can Personal Access Tokens can enable this, but not Apps.

Hi does anyone know if there will be a way to create actions via the api if writing an app? Is the security limitation you’re referring to just the 403 or can you like to the documentation where it talks about this? Thanks!

1 Like

The 403 Forbidden error can be solved by giving the GitHub App a read/write-permission in the workflow-category (see GitHub App settings). Then a Github App can create/modify a file in the .github/workflows folder by REST API.