When trying to sync my Github repository the following error occurs:
Pushing synced data to target branch.
To https://github.com/_/panther-analysis.git
! [remote rejected] sync_upstream_v3.25.0 -> sync_upstream_v3.25.0 (refusing to allow a GitHub App to create or update workflow .github/workflows/release.yml without workflows permission)
error: failed to push some refs to 'https://github.com/ /panther-analysis.git'
ERROR: exit 1
To resolve this issue:
Create a new Personal Access Token (PAT) via the classic method in your GitHub Profile.
The Scopes you need are repo and workflow.
In your repository, create a repository secret that uses your PAT.Repository > Settings > Secrets and Variables > Actions > New Secret.
The name is what you will use when updating the GitHub Action, and the value is what was generated when creating your PAT.
Modify the sync-panther-analysis-from-upstream GHA to use your PAT:Line 35: change ${{ secrets.GITHUB_TOKEN }} to ${{ secrets.YOUR_TOKEN }}
Insert a line after line 42: token: ${{ secrets.YOUR_TOKEN }}
Run workflow to validate.
This occurs when your GitHub Action is using a GITHUB_TOKEN
which doesn't have the permission to edit workflows. This means that when Panther's upstream introduces a change to one of the workflow files, the GHA will fail, and you will need to manually perform the merge.
To prevent this, create a new token or edit the default one, and include the proper permissions to edit workflows.