"Resource not accessible by integration" when trying to enforce admin protection on github branch - Ubuntu

TheOddler
April 13, 2023
247 views
1 vote
2 Answers

I’m trying to write a GitHub action that temporarily disabled merging by requiring admin access using https://github.com/octokit/request-action, so I wrote an action like this:

name: Disable merging

on:
  # Manual trigger
  workflow_dispatch:
    inputs:
      branch:
        description: What branch to protect
        default: main
        required: true

jobs:
  disable-merging:
    name: Disable Merging
    permissions: write-all
    runs-on: ubuntu-latest
    steps:
    - name: Enforce the admin protection
      uses: octokit/[email protected]
      id: remove_admin_protection
      with:
        route: POST /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins
        owner: TheOddler
        repo: github-actions-tests
        branch: ${{ github.event.inputs.branch }}
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

# some more jobs to wait and then reenable again

However, when I run this I get the error "Resource not accessible by integration". From what I could find online it might be a permission problem, but I set the github token to have read/write access:

I enabled debug info, but it didn’t tell me much new, other than that I’m getting a 403 error from github:

##[debug]Evaluating: secrets.GITHUB_TOKEN
##[debug]Evaluating Index:
##[debug]..Evaluating secrets:
##[debug]..=> Object
##[debug]..Evaluating String:
##[debug]..=> 'GITHUB_TOKEN'
##[debug]=> '***'
##[debug]Result: '***'
##[debug]Evaluating condition for step: 'Removed the admin protection'
##[debug]Evaluating: success()
##[debug]Evaluating success:
##[debug]=> true
##[debug]Result: true
##[debug]Starting: Removed the admin protection
##[debug]Loading inputs
##[debug]Evaluating: github.event.inputs.branch
##[debug]Evaluating Index:
##[debug]..Evaluating Index:
##[debug]....Evaluating Index:
##[debug]......Evaluating github:
##[debug]......=> Object
##[debug]......Evaluating String:
##[debug]......=> 'event'
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'inputs'
##[debug]..=> Object
##[debug]..Evaluating String:
##[debug]..=> 'branch'
##[debug]=> 'main'
##[debug]Result: 'main'
Warning: Unexpected input(s) 'owner', 'repo', 'branch', valid inputs are ['route', 'mediaType']
##[debug]Loading env
Run octokit/[email protected]
POST /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins
> owner: TheOddler
> repo: github-actions-tests
> branch: main
> mediaType: [object Object]
##[debug]route: 'POST /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins'
##[debug]parameters: {
##[debug]  owner: 'TheOddler',
##[debug]  repo: 'github-actions-tests',
##[debug]  branch: 'main',
##[debug]  mediaType: {}
##[debug]}
##[debug]parsed request options: {
##[debug]  method: 'POST',
##[debug]  headers: {
##[debug]    accept: 'application/vnd.github.v3+json',
##[debug]    'user-agent': 'octokit-action.js/3.7.1 octokit-core.js/3.4.0 Node.js/12.22.7 (linux; x64)',
##[debug]    'content-length': 0
##[debug]  },
##[debug]  request: { hook: [Function: bound bound register] },
##[debug]  data: undefined,
##[debug]  url: 'https://api.github.com/repos/TheOddler/github-actions-tests/branches/main/protection/enforce_admins'
##[debug]}
< 403 222ms

::set-output name=status::403
Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
##[debug]steps.remove_admin_protection.outputs.status='403'
##[debug]RequestError [HttpError]: Resource not accessible by integration
##[debug]    at /home/runner/work/_actions/octokit/request-action/v2.1.0/dist/index.js:6251:23
##[debug]    at processTicksAndRejections (internal/process/task_queues.js:97:5)
##[debug]    at async main (/home/runner/work/_actions/octokit/request-action/v2.1.0/dist/index.js:404:39) {
##[debug]  status: 403,
##[debug]  headers: {
##[debug]    'access-control-allow-origin': '*',
##[debug]    'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset',
##[debug]    connection: 'close',
##[debug]    'content-encoding': 'gzip',
##[debug]    'content-security-policy': "default-src 'none'",
##[debug]    'content-type': 'application/json; charset=utf-8',
##[debug]    date: 'Thu, 13 Apr 2023 16:58:46 GMT',
##[debug]    'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
##[debug]    server: 'GitHub.com',
##[debug]    'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',
##[debug]    'transfer-encoding': 'chunked',
##[debug]    vary: 'Accept-Encoding, Accept, X-Requested-With',
##[debug]    'x-content-type-options': 'nosniff',
##[debug]    'x-frame-options': 'deny',
##[debug]    'x-github-api-version-selected': '2022-11-28',
##[debug]    'x-github-media-type': 'github.v3; format=json',
##[debug]    'x-github-request-id': '0481:791A:1A5B4EA:35D023B:643834C6',
##[debug]    'x-ratelimit-limit': '1000',
##[debug]    'x-ratelimit-remaining': '996',
##[debug]    'x-ratelimit-reset': '1681407830',
##[debug]    'x-ratelimit-resource': 'core',
##[debug]    'x-ratelimit-used': '4',
##[debug]    'x-xss-protection': '0'
##[debug]  },
##[debug]  request: {
##[debug]    method: 'POST',
##[debug]    url: 'https://api.github.com/repos/TheOddler/github-actions-tests/branches/main/protection/enforce_admins',
##[debug]    headers: {
##[debug]      accept: 'application/vnd.github.v3+json',
##[debug]      'user-agent': 'octokit-action.js/3.7.1 octokit-core.js/3.4.0 Node.js/12.22.7 (linux; x64)',
##[debug]      'content-length': 0,
##[debug]      authorization: 'token [REDACTED]'
##[debug]    },
##[debug]    request: { hook: [Function: bound bound register] }
##[debug]  },
##[debug]  documentation_url: 'https://docs.github.com/rest/branches/branch-protection#set-admin-branch-protection'
##[debug]}
Error: Resource not accessible by integration
##[debug]Node Action run completed with exit code 1
##[debug]Finishing: Enforce the admin protection

Answers

Chosen as BEST ANSWER
- TheOddler
- April 14, 2023 at 9:36 am
- 0 votes
0
Looks like this was a problem with the token, apparently the GITHUB_TOKEN doesn't have privileges to do this, and I had to use a PAT (personal access token) instead.

(Edit)

- Justin
- April 14, 2023 at 3:20 am
- 0 votes
0
I think you need to pass enforce_admins as body instead, e.g.
```
{"url": "https://api.github.com/repos/octocat/hello-world/branches/main/protection",  
   "enforce_admins": {
     "url": "https://api.github.com/repos/octocat/helloworld/branches/main/protection/enforce_admins",
     "enabled": true
   }
}
```
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.

"Resource not accessible by integration" when trying to enforce admin protection on github branch – Ubuntu

Answers