# ask-community

Sergiy Klymenko

04/20/2023, 8:46 AM
Morning Team, Community I'm currently testing Dagster clous as a POC. My tech stack is: Dagster Cloud as control plane, Github as a CVS and Github Actions as Ci/CD Agents are running on AWS EKS deployed from Helm. With default deployment strategy it seems to work, but when I was trying to test Brunching deployment strategy in Github Actions, the "Build and deploy to Dagster Cloud hybrid" step is failing due to permissions issue (seems to be permissions related to adding comment to the PR):
Copy code
Digest: sha256:732418ccdcd1640fba0380fd719f013caf817d3ca59bfd3c488b947db5859a09
Status: Downloaded newer image for <|>
Traceback (most recent call last):
  File "/", line 81, in <module>
  File "/", line 33, in main
    pr = repo.get_pull(pr_id)
  File "/usr/local/lib/python3.8/site-packages/github/", line 2835, in get_pull
    headers, data = self._requester.requestJsonAndCheck(
  File "/usr/local/lib/python3.8/site-packages/github/", line 398, in requestJsonAndCheck
    return self.__check(
  File "/usr/local/lib/python3.8/site-packages/github/", line 423, in __check
    raise self.__createException(status, responseHeaders, output)
github.GithubException.GithubException: 403 {"message": "Resource not accessible by integration", "documentation_url": "<>"}
but I didn't find any references in the dock regarding special permissions or GIHUB access token required additional configuration. If anyone can point me to the doc or any other suggestions, will highly appreciate it. Thanks in advance

Tim Castillo

04/20/2023, 7:03 PM
Hi Sergiy! Apologies that you're hitting this error. Do you mind sharing which docs you've been following to get this set up? Here's a guide on branch deployments specifically

Sergiy Klymenko

04/21/2023, 7:26 AM
hi Tim. I did follow that doc you mentioned (same a reviewed few other). and after a bit of struggle found the root cause of that problem. My error appeares due to permissions issue (as you can see from the trace) but the source is: All your example workflows: or Doesn't include permissions block which is mandatory: Once I've added:
Copy code
  pull-requests: write
It starts working