Failing on private repositories because branch already exists.

[bezi]

The fix for #245 now works great for public repositories, but remains broken for private ones. When version 1.3.1 released, my builds continued to fail as before (so this isn't a regression), but now they fail because it seems like the GitHub token isn't enough for a private repo to be searched, which gives the error log dumped below. I confirmed it's the same issue because once I merge in the open PR it still fails, but once I delete the branch (which for my repo is configured to be called "auto-generated-changes") the workflow begins to pass again.

Any idea how I could resolve this? Are there more specific credentials I could pass in to allow the flow to succeed?

My config:

name: Build

on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]
  schedule:
    - cron: "0 0 * * *"

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v2
    - uses: actions/setup-node@v1
      with:
        node-version: "14"
    - uses: borales/[email protected]
    - name: Run build script.
      run: ./build.sh;
    - uses: gr2m/create-or-update-pull-request-action@v1
      with:
        title: "Auto-update generated files."
        commit-message: "[generated] Auto-update generated files."
        branch: "auto-generated-changes"
        author: "Oscar Bezi <[email protected]>"
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Raw logs:

Remote branch "auto-generated-changes" checked out locally.
RequestError [HttpError]: Validation Failed: {"message":"The listed users and repositories cannot be searched either because the resources do not exist or you do not have permission to view them.","resource":"Search","field":"q","code":"invalid"}
    at /home/runner/work/_actions/gr2m/create-or-update-pull-request-action/v1/dist/index.js:4716:23
    at processTicksAndRejections (internal/process/task_queues.js:93:5)
    at async main (/home/runner/work/_actions/gr2m/create-or-update-pull-request-action/v1/dist/index.js:521:24) {
  name: 'HttpError',
  status: 422,
  headers: {
    'access-control-allow-origin': '*',
    'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, Deprecation, Sunset',
    'cache-control': 'no-cache',
    connection: 'close',
    'content-length': '301',
    'content-security-policy': "default-src 'none'",
    'content-type': 'application/json; charset=utf-8',
    date: 'Mon, 28 Dec 2020 13:27:06 GMT',
    'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
    server: 'GitHub.com',
    status: '422 Unprocessable Entity',
    'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',
    vary: 'Accept, Accept-Encoding, Accept, X-Requested-With',
    'x-content-type-options': 'nosniff',
    'x-frame-options': 'deny',
    'x-github-media-type': 'github.v3; format=json',
    'x-github-request-id': '0401:4EDB:A478E32:105F5515:5FE9DD3A',
    'x-ratelimit-limit': '10',
    'x-ratelimit-remaining': '9',
    'x-ratelimit-reset': '1609162102',
    'x-ratelimit-used': '1',
    'x-xss-protection': '1; mode=block'
  },
  request: {
    method: 'GET',
    url: 'https://api.github.com/search/issues?q=head%3Aauto-generated-changes%20type%3Apr%20is%3Aopen%20repo%3Abezi%2Fdndata',
    headers: {
      accept: 'application/vnd.github.v3+json',
      'user-agent': 'octokit-request.js/5.4.10 Node.js/12.13.1 (linux; x64)'
    }
  },
  errors: [
    {
      message: 'The listed users and repositories cannot be searched either because the resources do not exist or you do not have permission to view them.',
      resource: 'Search',
      field: 'q',
      code: 'invalid'
    }
  ],
  documentation_url: 'https://docs.github.com/v3/search/'
}
Error: Validation Failed: {"message":"The listed users and repositories cannot be searched either because the resources do not exist or you do not have permission to view them.","resource":"Search","field":"q","code":"invalid"}

[gr2m]

Any idea how I could resolve this

Could you try to create a repository secret for a personal access token with the repo scope, and then use that secret instead of secrets.GITHUB_TOKEN in the workflow?

[gr2m]

I use the search API to find out if there is an open pull request for the existing branch. There might be another way to achieve this, maybe using the GraphQL API, but I'm not sure

[sinaa]

I think this was due to the missing auth header in the search request (as present in other requests). PR opened: #282