GitHub Community
Unable to create/update workflow files using the API #24682
-
|
Hi all, I’m using a GitHub App, and have read/write permissions to repository contents. My code can call the Create File API successfully, as long as the file is not in the .github/workflows directory. If I try to create any file in the .github/workflows directory, the API returns back 403 Resource not accessible by integration []. I’ve been playing around here, and this code works 100% of the time if I change the directory to anything other than .github/workflows, and it fails 100% of the time when I try to create a file in that directory. Is there an additional permission needed to manage content in this directory? Thanks! |
Beta Was this translation helpful? Give feedback.
Replies: 6 comments 1 reply
-
|
I’ve made a gist that makes this problem easier to reproduce: https://gist.github.com/marccampbell/a3d1b6aad604c90546507fc2aa913946 |
Beta Was this translation helpful? Give feedback.
-
|
Answering my own question here: GitHub Apps cannot edit files in this directory. It’s a limitation imposed for security reasons can Personal Access Tokens can enable this, but not Apps. |
Beta Was this translation helpful? Give feedback.
-
|
Does this restriction still apply? |
Beta Was this translation helpful? Give feedback.
-
|
Hi does anyone know if there will be a way to create actions via the api if writing an app? Is the security limitation you’re referring to just the 403 or can you like to the documentation where it talks about this? Thanks! |
Beta Was this translation helpful? Give feedback.
-
|
The |
Beta Was this translation helpful? Give feedback.
-
|
yes, my app has that setting so it can directly write to that file via the API but I can’t create a file if there is branch protection that requires a new branch + PR workflow b/c I don’t have a permissions to write a file to a new branch |
Beta Was this translation helpful? Give feedback.
-
|
hey. I’m having the same problem - even giving my github app the workflow:write permission still doesn’t work. Is there another endpoint which is involved in this - or is it the standard “contents” endpoint used for writing files? So frustrating - am attempting to not have the contents permission in my app but the workflow one just doesn’t seem to be working… |
Beta Was this translation helpful? Give feedback.
Answering my own question here: GitHub Apps cannot edit files in this directory. It’s a limitation imposed for security reasons can Personal Access Tokens can enable this, but not Apps.