commit status publisher using github's fine grained personal access token - no push access to the repository
Hello Everyone!
I try to set up Commit Status Publisher using Github's fine-grained personal access token. Test connection shows “There is no push access to the repository”. The “Commit statuses” permission is set to “Read and Write” and the
“Contents” permission is set to “Read-only” in the fine-grained personal access token settings. I've been using the
Commit Status Publisher before with the use of the “Classic” personal access token without any issues. In theory,
according to the GitHub's documentation (https://docs.github.com/en/rest/commits/statuses?apiVersion=2022-11-28)
I need to have access to the /repos/{owner}/{repo}/statuses/{sha} endpoint which should be granted by the “Commit statuses” permission set to “Read and Write”.
I'm using TeamCity Professional 2023.11.2 (build 147486) on-premise version.
Am I missing something?
Thanks in advance!
Lukas
Please sign in to leave a comment.
I find it quite unusual. I'm unable to replicate the issue on my end. Could you kindly provide a screenshot of the access token permission page? Alternatively, you could create a new token for testing purposes if that's feasible?
That's the screenshot of the fine-grained personal access token. I'm wondering if the account matters because it worked on my classic PAT, but then I move do the other account (some kind of the generic, bot account) and I tried to use the fine-grained PAT. Is there a possibility that the new account doesn't have the wirte access to that repository inside our org even if the fine-grained PAT allows it?
You can save the connection direclty without Test it. And could you please help to check if actual status publishing is working ?
If it does, it should be a bug, you can create an issue in our public youtrack (https://youtrack.jetbrains.com/issues/TW) with detail information and reproduce steps.
Best Regards,
Tom
I've saved it without testing the connection and actual status publishing isn't working.
Update:
It turned out that the account didn't have a `write` permission in the repository. So the following statement is true “Is there a possibility that the new account doesn't have the write access to that repository inside our org even if the fine-grained PAT allows it?”. It seems that it works as expected, and I didn't catch that nuance.
Thanks for the response, and have a nice weekend!
To be closed