Can't access Dependabot alerts API via GitHub Action default token

[laughedelic]

Select Topic Area

Bug

Body

Context

I'm trying to access the /repos/{owner}/{repo}/dependabot/alerts API endpoint from GitHub Actions in a private (internal) repository

Steps to reproduce

Here is a minimal workflow to reproduce it:

name: Dependabot alerts

on:
  workflow_dispatch:
  
permissions: write-all

# also tried explicit permissions:
#   contents: write
#   security-events: write

jobs:
  check-alerts:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Call API
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          gh api '/repos/{owner}/{repo}/dependabot/alerts'

What happens

This fails with the message:

gh: Resource not accessible by integration (HTTP 403)
{
  "message": "Resource not accessible by integration",
  "documentation_url": "https://docs.github.com/rest/reference/dependabot#list-dependabot-alerts-for-a-repository"
}

Expectation

This call to the API should work because the Actions token has enough permissions. According to the linked documentation:

You must use an access token with the security_events scope to use this endpoint with private repositories.

I've tried setting security-events: write permission in the workflow, but that didn't help.

Also, according to the announcement:

anyone with repository write or maintain roles will be able to view and act on Dependabot alerts by default

I don't know if this applies to GitHub Actions, but I also tried adding explicit contents: write permissions, which didn't help.

Even with the broadest permissions: write-all, it doesn't work and fails with the same error.

What else I have tried

• I tried running gh auth status to check that the token is passed to the CLI correctly:

  github.com
    ✓ Logged in to github.com as github-actions[bot] (GH_TOKEN)
    ✓ Git operations for github.com configured to use https protocol.
    ✓ Token: ghs_************************************
  

• I tried using GraphQL API (adding to the last step):

            gh api graphql -F owner='{owner}' -F name='{repo}' -f query='
               query($name: String!, $owner: String!) {
                 repository(owner: $owner, name: $name) {
                      vulnerabilityAlerts(first: 10) {
                          nodes {
                              createdAt
                              securityVulnerability {
                                  package {
                                      name
                                  }
                              }
                          }
                      }
                 }
               }'
  

  It didn't fail, but returned an empty result:

  {"data":{"repository":{"vulnerabilityAlerts":{"nodes":[]}}}}
  

• I tried using a PAT with broad access to the repository. It works as expected.
  This is not a solution, because providing such PAT as secret at the org level is a security concern and requires consumers of the reusable workflow to access this secret explicitly.

Question

Since the documentation doesn't mention anything special about GitHub Actions and explicitly says that a token with the right permissions should have access, I assume that this is a bug or an unintentional limitation. Am I missing something? Is it a known bug? Is there any kind of configuration that would allow the intended usage ?

[laughedelic]

I've set up a minimal reproduction public repository in https://github.com/laughedelic/dependabot-alerts-gha-access:

• it has a single dependency that raises a Dependabot alert (you can see update PR: Bump gson from 2.8.8 to 2.8.9 laughedelic/dependabot-alerts-gha-access#1)
• it has a minimal workflow calling API as described above which fails with "Resource not accessible by integration"
  • https://github.com/laughedelic/dependabot-alerts-gha-access/actions/runs/5522438718/jobs/10072024222#step:3:8

[zaataylor]

My Understanding

The default GITHUB_TOKEN alone will never have enough permissions on its own to call the API that lists Dependabot alerts for a specific repository, because the underlying Actions App the token is minted for can't be customized to have the Dependabot alerts read permission.

According to the docs, in order to list events for Dependabot alerts for a repository:

You must use an access token with the security_events scope to use this endpoint with private repositories. You can also use tokens with the public_repo scope for public repositories only. GitHub Apps must have Dependabot alerts read permission to use this endpoint.

Since Actions is a GitHub App (just a special one owned by GitHub), and GITHUB_TOKEN is a per-job token backing the specific installation of the app on a given repository, the Actions app would need to have the Dependabot alerts read permission by default in order for this to work out of the box (i.e. only requiring the user to pass security-events: read as a GITHUB_TOKEN permission in their workflow). Unfortunately, this isn't the case right now.

Non-PAT Workaround

A potential non-PAT approach is described here:

If you need a token that requires permissions that aren't available in the GITHUB_TOKEN, you can create a GitHub App and generate an installation access token within your workflow. For more information, see "Making authenticated API requests with a GitHub App in a GitHub Actions workflow."

Troubleshooting

If you go this route, or just want to verify what permissions might be going wrong in the current scenario, you can follow this section of the troubleshooting doc and examine the value of the X-Accepted-GitHub-Permissions header returned in the request which produced the 403 response you observed earlier.

[WIStudent]

I am running into the same problem when trying to access GET /repos/{owner}/{repo}/dependabot/alerts with job permission security-events: read. The GitHub documentation explicitly says that this endpoint should work with that permission:

Work with GitHub code scanning and Dependabot alerts. For example, security-events: read permits an action to list the Dependabot alerts for the repository, and security-events: write allows an action to update the status of a code scanning alert. For more information, see "Repository permissions for 'Code scanning alerts'" and "Repository permissions for 'Dependabot alerts'" in "Permissions required for GitHub Apps."

This is either not working as intended or the GitHub documentation is wrong.