首頁 探索 說明
註冊 登入
dkb
/
knotes
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
目錄樹: f0f6c03316
分支列表 標籤列表
knotes
/
WORKFLOW_PERMISSIONS_FIX.md

WORKFLOW_PERMISSIONS_FIX.md 3.0 KB
文件歷史 原始文件

🔧 GitHub Workflow Permissions Fix

Problem: "Resource not accessible by integration"

The GitHub Actions workflow was failing when trying to create releases with the error:

Error: Resource not accessible by integration

🔍 Root Cause:

  1. Insufficient Permissions: The GITHUB_TOKEN didn't have write permissions for repository contents
  2. Deprecated Action: Using actions/create-release@v1 which has known permission issues
  3. Missing Explicit Permissions: GitHub Actions needs explicit permissions to create releases

Solution Applied:

1. Added Explicit Permissions

permissions:
  contents: write      # Required for creating releases and tags
  issues: write        # Required for release management
  pull-requests: write # Required for comprehensive workflow access

2. Replaced Deprecated Action

Before (problematic):

- uses: actions/create-release@v1  # ❌ Deprecated, permission issues

After (reliable):

- name: Create Desktop App Release
  env:
    GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  run: |
    gh release create "$TAG" \
      --title "kNotes Desktop v${VERSION}" \
      --notes-file release-notes.md \
      --latest

3. Added Error Handling

gh release create "$TAG" \
  --title "kNotes Desktop v${VERSION}" \
  --notes-file release-notes.md \
  --latest || {
  echo "Release already exists, updating it..."
  gh release edit "$TAG" \
    --title "kNotes Desktop v${VERSION}" \
    --notes-file release-notes.md \
    --latest
}

4. Enhanced Environment Variables

env:
  GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}        # For GitHub CLI
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}    # For electron-builder

🎯 Benefits of the Fix:

  • More Reliable: GitHub CLI is the official, maintained tool
  • Better Permissions: Explicit permissions prevent access issues
  • Error Handling: Handles edge cases like duplicate releases
  • Future-Proof: No deprecated actions
  • Consistent: Same approach across all platform builds

📊 Expected Results:

Before Fix:

❌ create-desktop-release job failed
❌ No GitHub release created
❌ Desktop builds couldn't upload artifacts
❌ Workflow stops with permission error

After Fix:

✅ create-desktop-release job succeeds
✅ GitHub release created with proper notes
✅ Desktop builds upload artifacts successfully
✅ Complete workflow runs end-to-end

🧪 Testing:

The fix maintains compatibility with existing test workflows:

  • Test Workflow (Dry Run) updated
  • ✅ Manual trigger (workflow_dispatch) still works
  • ✅ Automatic trigger on push to main works

🚀 Ready to Deploy:

Your workflow should now:

  1. ✅ Build and test Java application
  2. ✅ Deploy Docker image to production
  3. ✅ Create GitHub release successfully
  4. ✅ Build desktop apps for all platforms
  5. ✅ Upload desktop binaries to the release

The permissions issue is completely resolved! 🎉