You must authenticate via a GitHub App

[bandlachiranjeevi]

Please help me how to authenticate using github token

[bandlachiranjeevi]

You must authenticate via a GitHub App

[bandlachiranjeevi]

While using github actions it is able generate summary.md file . but unable to publish into Pull request page
it is showing You must authenticate via a GitHub App

[LouisBrunner]

Hi,

I think you are referring to this issue (triggering actions from a fork through a pull request): #35 (comment)

There are a bunch of examples and explanations how to solve this in there, otherwise please feel free to reopen.

[JorensM]

@LouisBrunner Hello I am getting this error message though I'm not triggering an action from a fork but instead on my own repo. This is what my actions file looks like:

name: Run tests

on: pull_request

defaults:
 run:
  working-directory: ./app
  
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: Install modules
      run: yarn
    - name: Run tests
      run: yarn test
    - uses: LouisBrunner/checks-action@v1.6.1
      if: always()
      with:
        token: ${{ secrets.GH_TOKEN }}
        name: Test XYZ
        conclusion: ${{ job.status }}
        output: |
          {"summary":"${{ steps.test.outputs.summary }}"}

I tried both with the new token type and the old one and granted all permissions. On the classic token type I'm getting the error You must authenticate via a GitHub App and with the new token type I'm getting Resource not accessible by personal access token

[LouisBrunner]

@JorensM What if you use secrets.GITHUB_TOKEN?

[JorensM]

@LouisBrunner I have my token saved with the name GH_TOKEN because when I tried saving it as GITHUB_TOKEN I got a message that I can't create secrets that start with the word GITHUB

[JorensM]

@LouisBrunner To be clear, am I setting up the secret in the correct way? I go to Repo settings > Secrets and variables > Actions > Add token to Repository Secrets

[LouisBrunner]

GITHUB_TOKEN is a secret created automatically by Github, see https://docs.github.com/en/actions/security-guides/automatic-token-authentication

Most of the time you should be using it and not one created manually. Check the updated README for reference if you get permissions errors: https://github.com/LouisBrunner/checks-action?tab=readme-ov-file#permissions

[JorensM]

@LouisBrunner Thanks for clarifying, I didn't know there's a special secret token. I tried replacing secrets.GH_TOKEN with secrets.GITHUB_TOKEN and now I am getting Resource not accessible by integration. I tried adding permissions to no avail

This is what my .yaml file looks like:

name: Run tests

on: pull_request

defaults:
 run:
  working-directory: ./app
  
jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      checks: write
      contents: read
      pull-requests: write
    steps:
    - uses: actions/checkout@v2
    - name: Install modules
      run: yarn
    - name: Run tests
      run: yarn test
    - uses: LouisBrunner/checks-action@v1.6.1
      if: always()
      with:
        token: ${{ secrets.GITHUB_TOKEN }}
        name: Test XYZ
        conclusion: ${{ job.status }}
        output: |
          {"summary":"${{ steps.test.outputs.summary }}"}

[JorensM]

@LouisBrunner Update: I have found out that your GH action is not necessary for what I'm trying to do, so I'll drop it at least for now. But it's still worth looking into this issue as others may still be experiencing it as well!

[LouisBrunner]

@JorensM Unfortunately, there is not much I can do on my side. Either you create a Github App so you have full control over permissions or you set the permissions as specified by Github (actions/first-interaction#10 (comment)).
It's very odd you are still getting this problem with the permissions setup as others had success with this solution (#190 (comment)).
Anyway, sorry I couldn't help but glad you got things sorted!