LoginSignup
2
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 1 year has passed since last update.

@nakamasato(Masato Naka)

[GitHub Actions] Unhandled error: HttpError: Resource not accessible by integrationエラーを解決する

Posted at

エラー

Unhandled error: HttpError: Resource not accessible by integration
``` RequestError [HttpError]: Resource not accessible by integration at /home/runner/work/_actions/actions/github-script/v6/dist/index.js:6172:21 Error: Unhandled error: HttpError: Resource not accessible by integration at processTicksAndRejections (node:internal/process/task_queues:96:5) { status: 403, response: { url: 'https://api.github.com/repos/nakamasato/github-actions-practice/issues/341/comments', status: 403, headers: { 'access-control-allow-origin': '*', 'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset', connection: 'close', 'content-encoding': 'gzip', 'content-security-policy': "default-src 'none'", 'content-type': 'application/json; charset=utf-8', date: 'Fri, 03 Feb 2023 21:59:01 GMT', 'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin', server: 'GitHub.com', 'strict-transport-security': 'max-age=31536000; includeSubdomains; preload', 'transfer-encoding': 'chunked', vary: 'Accept-Encoding, Accept, X-Requested-With', 'x-content-type-options': 'nosniff', 'x-frame-options': 'deny', 'x-github-api-version-selected': '2022-11-28', 'x-github-media-type': 'github.v3', 'x-github-request-id': '6481:61F2:20581AB:4267CCB:63DD83A5', 'x-ratelimit-limit': '1000', 'x-ratelimit-remaining': '995', 'x-ratelimit-reset': '1675465133', 'x-ratelimit-resource': 'core', 'x-ratelimit-used': '5', 'x-xss-protection': '0' }, data: { message: 'Resource not accessible by integration', documentation_url: 'https://docs.github.com/rest/reference/issues#create-an-issue-comment' } }, request: { method: 'POST', url: 'https://api.github.com/repos/nakamasato/github-actions-practice/issues/341/comments', headers: { accept: 'application/vnd.github.-preview+json', 'user-agent': 'actions/github-script octokit-core.js/3.6.0 Node.js/16.16.0 (linux; x64)', authorization: 'token [REDACTED]', 'content-type': 'application/json; charset=utf-8' }, body: '{"body":"\\nAdd `release` label if you want to release when this pull request is merged. (Fri Feb 03 2023 21:59:00 GMT+0000 (Coordinated Universal Time)) [keep-only-one-comment-on-pr.yml](https://github.com/nakamasato/github-actions-practice/blob/main/.github/workflows/keep-only-one-comment-on-pr.yml)"}', request: { agent: [Agent], hook: [Function: bound bound register] } } } ```

調べてみると、 dependabotが作成したPRでcommentを書くGitHub Actionsが失敗していた。depndabotの権限がread-onlyになっているせいらしい。

In March we made a change in GitHub Actions that forced workflows triggered by Dependabot to run with a read-only token.

解決策

permissionsで必要な権限を付与する

例. PRにコメントするGitHub Actionsの場合

permissions:
  pull-requests: write

詳細のpermissionsについては、Assigning permissions to jobs

References

  1. https://github.blog/changelog/2021-10-06-github-actions-workflows-triggered-by-dependabot-prs-will-respect-permissions-key-in-workflows/
  2. https://github.com/dependabot/dependabot-core/issues/3253
  3. https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
2
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
2
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?