Thanks to visit codestin.com
Credit goes to github.com

Skip to content

gh pr edit not working on FGAT + GH Actions despite having all the necessary permissions #8784

Open
Open
gh pr edit not working on FGAT + GH Actions despite having all the necessary permissions#8784
Labels
actionsauthrelated to tokens, authentication state, or oauthbugSomething isn't workinggh-prrelating to the gh pr commandneeds-triageneeds to be reviewed
@kalanyuz

Description

@kalanyuz
kalanyuz
opened on Mar 4, 2024

Describe the bug

gh pr edit [number] -b [body] is returning
GraphQL: Resource not accessible by personal access token (repository.pullRequests.nodes.0.projectCards.nodes)
when used with github actions + fine-grained access tokens despite having tried giving it maximum access:
image

Addition: Also tried with non-organization repository (private) but also did not work.

Expected vs actual behavior

It should be able to edit PR body with just pr write permissions

Logs

output from GH_DEBUG=api attached below

[git remote -v]
[git config --get-regexp ^remote\..*\.gh-resolved$]
[git symbolic-ref --quiet HEAD]
[git config --get-regexp ^branch\.test/pr_gen2\.(remote|merge)$]
[git remote -v]
[git config --get-regexp ^remote\..*\.gh-resolved$]
* Request at 2024-03-04 01:59:51.847311604 +0000 UTC m=+0.061486003
* Request to https://api.github.com/graphql
> POST /graphql HTTP/1.1
> Host: api.github.com
> Accept: application/vnd.github.merge-info-preview+json, application/vnd.github.nebula-preview
> Authorization: token ████████████████████
> Content-Length: 947
> Content-Type: application/json; charset=utf-8
> Graphql-Features: merge_queue
> Time-Zone: Etc/UTC
> User-Agent: GitHub CLI 2.44.1

GraphQL query:
query PullRequestForBranch($owner: String!, $repo: String!, $headRefName: String!, $states: [PullRequestState!]) {
    repository(owner: $owner, name: $repo) {
      pullRequests(headRefName: $headRefName, states: $states, first: 30, orderBy: { field: CREATED_AT, direction: DESC }) {
        nodes {id,url,title,body,baseRefName,reviewRequests(first: 100) {nodes {requestedReviewer {__typename,...on User{login},...on Team{organization{login}name,slug}}}},assignees(first:100){nodes{id,login,name},totalCount},labels(first:100){nodes{id,name,description,color},totalCount},projectCards(first:100){nodes{project{name}column{name}},totalCount},milestone{number,title,description,dueOn},number,state,headRefName,isCrossRepository,headRepositoryOwner{id,login,...on User{name}}}
      }
      defaultBranchRef { name }
    }
  }
GraphQL variables: {"headRefName":"test/pr_gen2","owner":"kz-labs","repo":"pr_writer_test","states":null}

< HTTP/2.0 200 OK
< Access-Control-Allow-Origin: *
< Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
< Content-Security-Policy: default-src 'none'
< Content-Type: application/json; charset=utf-8
< Date: Mon, 04 Mar 2024 01:59:52 GMT
< Github-Authentication-Token-Expiration: 2024-04-03 00:44:34 UTC
< Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
< Server: GitHub.com
< Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
< Vary: Accept-Encoding, Accept, X-Requested-With
< X-Content-Type-Options: nosniff
< X-Frame-Options: deny
< X-Github-Media-Type: github.merge-info-preview; param=nebula-preview; format=json
< X-Github-Request-Id: 1F82:8607:2C1A33:5725EA:65E52B17
< X-Ratelimit-Limit: 5000
< X-Ratelimit-Remaining: 4997
< X-Ratelimit-Reset: 1709521191
< X-Ratelimit-Resource: graphql
< X-Ratelimit-Used: 3
< X-Xss-Protection: 0

{
  "data": {
    "repository": {
      "pullRequests": {
        "nodes": [
          {
            "id": "PR_kwDOLbL3dc5ohw7s",
            "url": "https://github.com/kz-labs/pr_writer_test/pull/2",
            "title": "remove blank",
            "body": "",
            "baseRefName": "main",
            "reviewRequests": {
              "nodes": []
            },
            "assignees": {
              "nodes": [],
              "totalCount": 0
            },
            "labels": {
              "nodes": [],
              "totalCount": 0
            },
            "projectCards": {
              "nodes": null,
              "totalCount": 0
            },
            "milestone": null,
            "number": 2,
            "state": "OPEN",
            "headRefName": "test/pr_gen2",
            "isCrossRepository": false,
            "headRepositoryOwner": {
              "id": "O_kgDOCaj62A",
              "login": "kz-labs"
            }
          }
        ]
      },
      "defaultBranchRef": {
        "name": "main"
      }
    }
  },
  "errors": [
    {
      "type": "FORBIDDEN",
      "path": [
        "repository",
        "pullRequests",
        "nodes",
        0,
        "projectCards",
        "nodes"
      ],
      "extensions": {
        "saml_failure": false
      },
      "locations": [
        {
          "line": 5,
          "column": 310
        }
      ],
      "message": "Resource not accessible by personal access token"
    }
  ]
}

* Request took [307](https://github.com/kz-labs/pr_writer_test/actions/runs/8134842819/job/22228397896#step:5:308).7[316](https://github.com/kz-labs/pr_writer_test/actions/runs/8134842819/job/22228397896#step:5:317)16ms
GraphQL: Resource not accessible by personal access token (repository.pullRequests.nodes.0.projectCards.nodes)

Metadata

Metadata

Assignees

No one assigned

    Labels

    actionsauthrelated to tokens, authentication state, or oauthbugSomething isn't workinggh-prrelating to the gh pr commandneeds-triageneeds to be reviewed

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions