Skip to content

fix: add actions:write permission to stale workflow#2079

Merged
mnriem merged 1 commit intogithub:mainfrom
mnriem:fix/stale-workflow-cache-permissions
Apr 3, 2026
Merged

fix: add actions:write permission to stale workflow#2079
mnriem merged 1 commit intogithub:mainfrom
mnriem:fix/stale-workflow-cache-permissions

Conversation

@mnriem
Copy link
Copy Markdown
Collaborator

@mnriem mnriem commented Apr 3, 2026

Problem

The stale workflow marks issues as stale after 150 days but never closes them after the 30-day close window.

Root Cause

actions/stale@v10 uses the GitHub Actions cache to persist state across runs. The workflow only has issues: write and pull-requests: write permissions — it's missing actions: write.

Without that permission, the action can write cache entries but cannot delete them (returns a 403 on cache cleanup):

##[warning]Error delete _state: [403] Resource not accessible by integration

This creates a vicious cycle: once an issue is processed and cached, the action skips it on every future run:

[#96] issue skipped due being processed during the previous run
[#87] issue skipped due being processed during the previous run
[#83] issue skipped due being processed during the previous run
...

So stale issues never reach the closing logic.

Fix

Add actions: write to the workflow permissions block, allowing the stale action to properly manage its cache lifecycle.

Post-Merge

After merging, you may want to clear the existing stale action cache so all issues get reprocessed on the next run:

gh cache list --repo github/spec-kit | grep stale
gh cache delete <cache-key> --repo github/spec-kit

@mnriem
fix: add actions:write permission to stale workflow
04f4dea 
The actions/stale@v10 action uses GitHub Actions cache to persist state
across runs. Without the actions:write permission, the action can write
cache entries but cannot delete them (403 error on cache cleanup).

This causes a vicious cycle: once an issue is processed and cached, the
action skips it on every future run with 'issue skipped due being
processed during the previous run' - so stale issues never reach the
closing logic after being marked stale.

Adding actions:write allows the action to properly manage its cache
lifecycle, enabling stale issues to be closed after the configured
30-day close window.
Copilot AI review requested due to automatic review settings April 3, 2026 14:06
@mnriem mnriem merged commit 8353830 into github:main Apr 3, 2026
11 checks passed
Copilot AI reviewed Apr 3, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes the repository’s stale-issues workflow so it can successfully close issues/PRs after the configured close window by granting the workflow permission to manage the GitHub Actions cache state used by actions/stale@v10.

Changes:

  • Add actions: write to the permissions block in the stale workflow so the action can delete/cleanup its cache entries and avoid permanently skipping previously processed issues.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@mnriem mnriem deleted the fix/stale-workflow-cache-permissions branch April 3, 2026 14:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mnriem