Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error: Commit creating failed: {"detail":"You do not have permission to perform this action."} #1508

Open
josecelano opened this issue Jul 12, 2024 · 4 comments
Open

Error: Commit creating failed: {"detail":"You do not have permission to perform this action."} #1508

josecelano opened this issue Jul 12, 2024 · 4 comments
Assignees
@thomasrockhu-codecov
Labels
support

Comments

@josecelano
Copy link

I'm using a token, but I'm getting this error:

evenName: workflow_run
evenName: workflow_run
evenName: workflow_run
==> linux OS detected
https://cli.codecov.io/latest/linux/codecov.SHA256SUM
Received SHA256SUM 8777a6078323948d31cbd81b7776254d1fbfd6888c33dc899b1447b208d717f6  codecov
Received SHA256SUM signature -----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEJwNOf9uFDgu8LGL/gGuyiu13mGkFAmaAJWsACgkQgGuyiu13
mGkQ3A//dLrJ/XHpPp2thv4B5t4Vh2uREsyAYcxiZsp756tQkt+ITwWbyAGRBcrq
Pi9t/eLpo/AcNQhzVeApLMoBr7oe0Ysk98TAv7IaEUhpI8ewjCnYXLK7zn+dSkf7
/igUw+LPNS9a0eHnWuZAheVbAsBpHM5fDzp7/FiOzDsSwLCboyqZLb0VSkOY/UOo
2kPXTrf+ousvHeGeMbKlZhyVv6FHXP9BSwij+cwnBCFuJL0lRrPHK84AEpQ5a1hZ
siQ1jOzh3zecsCEH897EARf2006q4EVe6tLs6HyS0jCApek6nqnqtu2mJ7qNaP8e
snY6t65I9uYkyLWCHSm/90ukilIDOvuZQk+ywDDKPMh2MHQKw8CfD7hgllTDDQOj
1zFMvMIOaJx7XoxPPqCfm/ZllT5PlzwL+F2jIczFiMMTFa1xNKTfdnIfL5jZalgr
VElcqr/+RgYMVtIXhKhOXww7AHfzpSQzehiP/RYeDMM5/bxn5ATMo8Zq/MNL99V0
CdWBNJWALkruSev30uf4gX3hLqNDT5mt0oMQapRZAUIQFswHil3+gb46SojIq9lM
opyItwBNiI5O5sJ8UzZCn7RLfUXDnEWR3O2YUb2elZk9m24W3CW2gTtjShx5mrSb
bYleDtjW9Q2caH0Nv3toX3s+C5yDuHg7RBKHzzXDXA4LrFkGnec=
=EZuw
-----END PGP SIGNATURE-----

gpg: directory '/home/runner/.gnupg' created
gpg: keybox '/home/runner/.gnupg/pubring.kbx' created
gpg: /home/runner/.gnupg/trustdb.gpg: trustdb created
gpg: key 806BB28AED779869: public key "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: Signature made Sat Jun 29 15:16:59 2024 UTC
gpg:                using RSA key 27034E7FDB850E0BBC2C62FF806BB28AED779869
gpg: Good signature from "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2703 4E7F DB85 0E0B BC2C  62FF 806B B28A ED77 9869
==> Uploader SHASUM verified (8777a6078323948d31cbd81b7776254d1fbfd6888c33dc899b1447b208d717f6  codecov)
==> Running version latest
==> Running version v0.7.2
==> Running git config --global --add safe.directory /home/runner/work/pull_request_target/pull_request_target
/usr/bin/git config --global --add safe.directory /home/runner/work/pull_request_target/pull_request_target
==> Running command '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov -v create-commit'
/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov -v create-commit --git-service github -C 244db3b3de5d01bca44a92c3ffb45e067e1d3ba9 --pr 16 -Z
info - 2024-07-[12](https://github.com/josecelano-test/pull_request_target/actions/runs/9907290283/job/27370651458#step:5:13) 11:42:10,908 -- ci service found: github-actions
debug - 2024-07-12 11:42:10,911 -- versioning system found: <class 'codecov_cli.helpers.versioning_systems.GitVersioningSystem'>
debug - 2024-07-12 11:42:10,9[14](https://github.com/josecelano-test/pull_request_target/actions/runs/9907290283/job/27370651458#step:5:15) -- versioning system found: <class 'codecov_cli.helpers.versioning_systems.GitVersioningSystem'>
warning - 2024-07-12 11:42:10,9[16](https://github.com/josecelano-test/pull_request_target/actions/runs/9907290283/job/27370651458#step:5:17) -- No config file could be found. Ignoring config.
debug - 2024-07-12 11:42:10,917 -- No codecov_yaml found
debug - 2024-07-12 11:42:10,9[17](https://github.com/josecelano-test/pull_request_target/actions/runs/9907290283/job/27370651458#step:5:18) -- Starting create commit process --- {"commit_sha": "244db3b3de5d01bca44a92c3ffb45e067e1d3ba9", "parent_sha": null, "pr": "16", "branch": "develop", "slug": "josecelano-test/pull_request_target", "token": "e******************", "service": "github", "enterprise_url": null}
info - [20](https://github.com/josecelano-test/pull_request_target/actions/runs/9907290283/job/27370651458#step:5:21)24-07-12 11:42:11,096 -- Process Commit creating complete
debug - 2024-07-12 11:42:11,097 -- Commit creating result --- {"result": "RequestResult(error=RequestError(code='HTTP Error 403', params={}, description='{\"detail\":\"You do not have permission to perform this action.\"}'), warnings=[], status_code=403, text='{\"detail\":\"You do not have permission to perform this action.\"}')"}
error - 20[24](https://github.com/josecelano-test/pull_request_target/actions/runs/9907290283/job/27370651458#step:5:25)-07-12 11:42:11,097 -- Commit creating failed: {"detail":"You do not have permission to perform this action."}

The workflow: https://github.com/josecelano-test/pull_request_target/blob/develop/.github/workflows/upload_coverage_pr.yaml#L104-L119

I have another workflow using version 3, and it works:

https://github.com/josecelano-test/pull_request_target/blob/develop/.github/workflows/coverage.yaml#L78-L85
@josecelano
Copy link
Author

josecelano commented Jul 30, 2024
edited
Loading

It's also failing with the latest version: 4.5.0. See https://github.com/josecelano-test/pull_request_target/actions/runs/9907290283/job/28115928698#step:1:29

Download action repository 'codecov/codecov-action@v4' (SHA:e28ff129e5465c2c0dcc6f003fc735cb6ae0c673)

@thomasrockhu-codecov thomasrockhu-codecov self-assigned this Aug 1, 2024
@nickl- nickl- mentioned this issue Aug 10, 2024
Open
@Spacetown
Copy link

It's also failing with the latest version: 4.5.0. See https://github.com/josecelano-test/pull_request_target/actions/runs/9907290283/job/28115928698#step:1:29

Download action repository 'codecov/codecov-action@v4' (SHA:e28ff129e5465c2c0dcc6f003fc735cb6ae0c673)

Same for me. I'm wondering why in the log the first character of the token isn't masked: "token": "e******************"

For me (https://github.com/gcovr/gcovr/actions/runs/10461552705/job/28970126469) it shows "token": "6******************" but the token doesn't start with a 6.

@ajfriend ajfriend mentioned this issue Aug 25, 2024
Closed
@ajfriend
Copy link

We seem to be having the same issue here: uber/h3-py#389

@beat-buesser
Copy link

beat-buesser commented Aug 27, 2024
edited
Loading

We see the same issue in https://github.com/Trusted-AI/adversarial-robustness-toolbox. The new action codecov-action@v4 and secret for Dependabot have worked for the Dependabot-PR updating to codecov-action@v4, but it seems not to work for PRs already opened by Dependabot before upgrading to codecov-action@v4. I have not yet observed new Dependabot PRs and if codecov-action@v4 would work there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@thomasrockhu-codecov thomasrockhu-codecov

Labels
support
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@josecelano @ajfriend @Spacetown @beat-buesser @thomasrockhu-codecov