Looks like Github’s locked down the access rights of the GITHUB_TOKEN recently. This is the token that’s available to all Github actions by default.

After taking a GoReleaser config file from an old project and using it in a new one, I encountered this error when GoReleaser tried to publish the binaries as part of a Github Release:

failed to publish artifacts:
could not release:
PATCH https://api.github.com/repos/lmika/<project>/releases/139475588:
403 Resource not accessible by integration []

After a quick search, I found this Github issue which seemed to cover the same problem. It looks like the way to resolve this is to explicitly add the content: write permission to the Github Actions YAML file:

name: Create Release

on:
  push:
    tags:
      - 'v*'

# Add this section
permissions:
  contents: write
  
jobs:
  build:
    runs-on: ubuntu-latest

And sure enough, after adding the permissions section, Goreleaser was able to publish the binaries once again.

There’s a bunch of other permissions that might be helpful for other things, should you need it.