[BUG]: `403 Resource not accessible by integration []`
Expected Behavior
Be able to create a repository using ${{ secrets.GITHUB_TOKEN }} instead of ${{ secrets.MY_PAT }}.
Actual Behavior
Can only create a github_repository resource using ${{ secrets.MY_PAT }}, since even a ${{ secrets.GITHUB_TOKEN }} with full write permissions doesn't have the rights to create a new repository when used with the integrations/github Terraform provider.
```
│ Error: POST https://api.github.com/user/repos: 403 Resource not accessible by integration []
│
│ with github_repository.SampleRepo,
+ allow_merge_commit = false
+ allow_rebase_merge = false
│ on main.tf line 14, in resource "github_repository" "SampleRepo":
│ 14: resource "github_repository" "SampleRepo" {
│
```
```yaml
jobs:
  apply:
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ${{ env.tf_actions_working_dir }}
    steps:
      - uses: actions/checkout@v4
      - uses: hashicorp/setup-terraform@v3
      - name: Terraform Init
        id: init
        run: terraform init -input=false
      - name: Terraform Apply
        run: terraform apply -input=false -auto-approve
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```
Terraform Version
Terraform v1.8.0 on linux_amd64 + provider registry.terraform.io/integrations/github v6.2.1
Affected Resource(s)
- github_repository
- github_branch_protection
Terraform Configuration Files
```hcl
terraform {
  required_providers {
    github = {
      version = "6.2.1"
      source = "integrations/github"
    }
  }
}

provider "github" {}

resource "github_repository" "SampleRepo" {
  name = "todelete_sample"
  visibility = "private"
  allow_auto_merge = false
  allow_merge_commit = false
  allow_rebase_merge = false
  allow_squash_merge = true
  allow_update_branch = true
  auto_init = true
  delete_branch_on_merge = true
  has_discussions = false
  has_downloads = true
  has_issues = true
  has_projects = true
  has_wiki = true
  merge_commit_message = "PR_TITLE"
  merge_commit_title = "MERGE_MESSAGE"
  squash_merge_commit_message = "COMMIT_MESSAGES"
  squash_merge_commit_title = "PR_TITLE"
}

resource "github_branch_protection" "MainBranchProtection" {
  repository_id = github_repository.SampleRepo.node_id
  pattern = "main"
  allows_deletions = false
  allows_force_pushes = false
  enforce_admins = true
  require_conversation_resolution = true
  required_pull_request_reviews {
    dismiss_stale_reviews = true
    required_approving_review_count = 1
  }
  required_status_checks {
    strict = true
  }
}
```
Hi, we are facing the same issue. When can we expect this to be fixed?
I saw the same error with provider 5.45.0 and found I could fix it by using ONLY the GITHUB_TOKEN env var, and not the "token" value in the provider block. See #2242. Until that was changed I don't think I was using the correct token.
Something is weird but that might be a workaround. YMMV.
IIRC, I fixed the issue by giving the GitHub App the administration: write permission. Definitely not intuitive, I couldn't find any reference in the official documentation.
Thank you, @garysassano; that was the missing permission on my end! Setting permissions was a pain in the neck! The docs are not helpful at all.
FWIW, I just had the same error from the pages API endpoint, and had to update my GitHub App integration to include the pages: write permission.
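Added example, not part of the thread or of the provider's code: the last comments each found the missing grant (`administration: write`, `pages: write`) by trial and error, and this sketch instead computes the gap between what a 403 response says it accepts and what the token has, so only the missing permission is added. It assumes the `X-Accepted-GitHub-Permissions` response header and its grammar as described in GitHub's REST documentation (`,` means all are required, `;` separates alternatives); the function names are hypothetical and the sample values are constructed.

```python
# Added example: find which GitHub App / fine-grained token permission is missing.
# Assumed header grammar: "," = all required, ";" = alternative permission sets.
LEVELS = {"read": 1, "write": 2, "admin": 3}


def parse_accepted(header: str) -> list[dict[str, str]]:
    """Parse an X-Accepted-GitHub-Permissions value into alternative sets."""
    alternatives = []
    for group in header.split(";"):
        required = {}
        for item in group.split(","):
            item = item.strip()
            if not item:
                continue
            name, _, level = item.partition("=")
            level = level.strip().lower()
            if level not in LEVELS:
                raise ValueError(f"unknown access level in {item!r}")
            required[name.strip().lower()] = level
        if required:
            alternatives.append(required)
    return alternatives


def missing_permissions(header: str, granted: dict[str, str]) -> dict[str, str]:
    """Return the smallest set of grants still needed; {} means none are missing."""
    alternatives = parse_accepted(header)
    if not alternatives:
        raise ValueError("header lists no permissions; cannot decide")
    best = None
    for required in alternatives:
        # A grant satisfies a requirement when its level is at least as high.
        gap = {
            name: level
            for name, level in required.items()
            if LEVELS.get(granted.get(name, ""), 0) < LEVELS[level]
        }
        if not gap:
            return {}
        if best is None or len(gap) < len(best):
            best = gap
    return best


# Constructed sample data, not captured from a real API response.
SAMPLE_HEADER = "administration=write"
SAMPLE_GRANTED = {"contents": "write", "metadata": "read", "pull_requests": "write"}

if __name__ == "__main__":
    print(missing_permissions(SAMPLE_HEADER, SAMPLE_GRANTED))
```
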