Hi,
I am confused with access control and permissions management on repos.
For now, as the owner and admin of a local Gitea instance, I have created an organization. For testing purposes it has been set up as “public”.
Inside, I have created several repos, with default settings.
On my user profile, I have created an Access Token (GITEA_TOKEN) granting all permissions on everything.
One of the repos (REPO_A) contains configuration files, generated by scripts located in another repo (REPO_B).
I have defined a workflow in REPO_B which is supposed to:
- checkout the scripts (from REPO_B)
- checkout the static files (from REPO_A) in another dir (tmp_dir)
- run the scripts against “tmp_dir” content
- commit the results back into REPO_A if needed

```yaml
- name: Checkout Scripts files
  uses: actions/checkout@v4
  with:
    ref: main
    path: .
    persist-credentials: false
- name: Checkout remote static files
  uses: actions/checkout@v4
  with:
    ref: main
    repository: REPO_A/STATIC_FILES
    path: ./tmp_dir
    token: ${{ secrets.GITEA_TOKEN }}
# ...
- name: Commit Docker related files if needed
  run: |
    cd ${GITHUB_WORKSPACE}/tmp_dir
    git status
    git add .
    git config user.name "${{ github.actor }}"
    git config user.email "${{ github.actor }}@nowhere.com"
    git diff --quiet && git diff --staged --quiet \
      || (git commit -m "generated by Gitea [${{ gitea.actor }}]" \
      && git push )
```

Everything is running fine until it’s time to commit, as I get an error 403 (remote: User permission denied).
I made my first experiments with repos located in my own workspace, the same code was working flawlessly.
So what am I missing? I have not been able to find a permissions control interface and my access token seems to allow everything everywhere.
I have tried to remove the token in the workflow definition, use “github.token” instead, but nothing improves.
So I am running out of ideas …
Thanks for any help
Regards