Skip to content

Resource not accessible by integration #138

New issue
New issue
Closed as not planned
Closed as not planned
Resource not accessible by integration#138
@Anton-Shutik

Description

@Anton-Shutik
Anton-Shutik
opened on Aug 13, 2021

Trying to use this GH Action and it fails with this error:

Run reload/github-security-jira@v1.x
/usr/bin/docker run --name c8ce5aa104cfed7a462b98612dedac8bd2f9_8755a1 --label 48c8ce --workdir /github/workspace --rm -e GH_SECURITY_TOKEN -e JIRA_TOKEN -e JIRA_HOST -e JIRA_USER -e JIRA_PROJECT -e JIRA_ISSUE_TYPE -e JIRA_WATCHERS -e JIRA_RESTRICTED_COMMENT_ROLE -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/test-gh-actions-alert/test-gh-actions-alert":"/github/workspace" 48c8ce:5aa104cfed7a462b98612dedac8bd2f9

In SyncCommand.php line 199:
                                                                               
  GraphQL client error: Resource not accessible by integration. Original quer  
  y:             query alerts($owner: String!, $repo: String!) {               
                repository(owner: $owner, name: $repo) {                       
                  vulnerabilityAlerts(first: 100) {                            
                    nodes {                                                    
                      securityVulnerability {                                  
                        advisory {                                             
                          ghsaId                                               
                          description                                          
                          identifiers {                                        
                            type                                               
                            value                                              
                          }                                                    
                          references {                                         
                            url                                                
                          }                                                    
                          severity                                             
                          summary                                              
                        }                                                      
                        firstPatchedVersion {                                  
                          identifier                                           
                        }                                                      
                        package {                                              
                          name                                                 
                          ecosystem                                            
                        }                                                      
                        severity                                               
                        updatedAt                                              
                        vulnerableVersionRange                                 
                      }                                                        
                      repository {                                             
                        nameWithOwner                                          
                      }                                                        
                      vulnerableManifestFilename                               
                      vulnerableManifestPath                                   
                      vulnerableRequirements                                   
                    }                                                          
                  }                                                            
                }                                                              
              }                                                                
                                                                               

sync [--dry-run]

What kind of resource can't it find ? I'm pretty sure I've setup it correctly, because I'm able to run it locally via act tool.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions