ERROR: Resource not accessible by personal access token

[blampe]

Brief description of your issue

At a high level, as far as I can tell the tool always forks a repo when creating a PR. This makes the tool incompatible with fine-grained tokens, which can belong to organizations. (Forking uses the user as its owner, instead of the org.)

The tool could be made compatible with fine-grained tokens if it exposed an option to control whether to fork or not (or, alternatively, expose an option to configure the fork's owner).

pulumi/pulumi#14449 is an example of a similar bug and fix with a GitHub action responsible for bumping homebrew formulas.

Steps to reproduce

• Create a fine-grained access token with repo content (write).
• Assign the token's owner to a GitHub Organization.
• Perform an update

Full logs here: https://github.com/pulumi/pulumi-winget/actions/runs/6673483855/job/18139127744

$download_exists = Test-Path -Path ./src/download-url.txt -PathType Leaf
  if (!$download_exists) {
    echo "./src/download-url.txt file was not found, this means we skipped generating an installer"
    return
  }
  
  $github_token = "***"
  $downloadUrl = Get-Content -Path ./src/download-url.txt
  $version = Get-Content -Path ./src/version.txt
  iwr https://aka.ms/wingetcreate/latest -OutFile wingetcreate.exe
  .\wingetcreate.exe update Pulumi.Pulumi --urls $downloadUrl --version $version --token $github_token --submit
  shell: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.EXE -command ". '{0}'"
  env:
    GITHUB_TOKEN: ***
    DOTNET_ROOT: C:\Users\runneradmin\AppData\Local\Microsoft\dotnet
Telemetry Settings
------------------
The Windows Package Manager Manifest Creator collects usage data in order to improve your experience.
The data is anonymous and collected only by Microsoft.
By default, telemetry is enabled but can be disabled by running `wingetcreate settings` and editing your settings file.

Retrieving latest manifest for Pulumi.Pulumi
Downloading and parsing: https://github.com/pulumi/pulumi-winget/releases/download/v3.91.1/pulumi-3.91.1-windows-x64.msi...
Generating a preview of your manifests...
Version manifest preview:
# Created using wingetcreate 1.5.5.0
# yaml-language-server: $schema=https://aka.ms/winget-manifest.version.1.5.0.schema.json

PackageIdentifier: Pulumi.Pulumi
PackageVersion: 3.91.1
DefaultLocale: en-US
ManifestType: version
ManifestVersion: 1.5.0

Installer manifest preview:
# Created using wingetcreate 1.5.5.0
# yaml-language-server: $schema=https://aka.ms/winget-manifest.installer.1.5.0.schema.json

PackageIdentifier: Pulumi.Pulumi
PackageVersion: 3.91.1
MinimumOSVersion: 10.0.0.0
InstallerType: wix
ProductCode: '{457D32D7-1BE8-47CF-ACB9-124AAE75C46F}'
Installers:
- Architecture: x64
  InstallerUrl: https://github.com/pulumi/pulumi-winget/releases/download/v3.91.1/pulumi-3.91.1-windows-x64.msi
  InstallerSha256: 70FC1541BAF8F28B71F6FBE18FAFA20F74AF26D790ED5BD04692774359CD4FAA
ManifestType: installer
ManifestVersion: 1.5.0

Default locale manifest preview:
# Created using wingetcreate 1.5.5.0
# yaml-language-server: $schema=https://aka.ms/winget-manifest.defaultLocale.1.5.0.schema.json

PackageIdentifier: Pulumi.Pulumi
PackageVersion: 3.91.1
PackageLocale: en-US
Publisher: Pulumi Corp
PackageName: Pulumi
PackageUrl: https://www.pulumi.com/
License: Apache License 2.0
LicenseUrl: https://github.com/pulumi/pulumi/blob/master/LICENSE
ShortDescription: Pulumi CLI for managing modern infrastructure as code
ManifestType: defaultLocale
ManifestVersion: 1.5.0


Manifest saved to D:\a\pulumi-winget\pulumi-winget\manifests\p\Pulumi\Pulumi\3.91.1

Manifest validation succeeded: True

Submitting pull request for manifest...

ERROR: Resource not accessible by personal access token

Expected behavior

The tool should be compatible with a fine-grained token with repo content (write) permission.

Actual behavior

Forking fails:

ERROR: Resource not accessible by personal access token

Environment

See GHA logs.

[mdanish-kh]

This looks related to:

• Support fine-grained tokens #595