Include request IDs in errors when available.

chrisgavin · chrisgavin · commit 9a5e0795396e · 2022-05-30T11:26:49.000+01:00
diff --git a/internal/githubapiutil/githubapiutil.go b/internal/githubapiutil/githubapiutil.go
@@ -4,9 +4,11 @@ import (
 	"strings"
 
 	"github.com/google/go-github/v32/github"
+	"github.com/pkg/errors"
 )
 
 const xOAuthScopesHeader = "X-OAuth-Scopes"
+const xGitHubRequestIDHeader = "X-GitHub-Request-ID"
 
 func HasAnyScope(response *github.Response, scopes ...string) bool {
 	if response == nil {
@@ -26,3 +28,14 @@ func HasAnyScope(response *github.Response, scopes ...string) bool {
 	}
 	return false
 }
+
+func EnrichResponseError(response *github.Response, err error, message string) error {
+	requestID := ""
+	if response != nil {
+		requestID = response.Header.Get(xGitHubRequestIDHeader)
+	}
+	if requestID != "" {
+		message = message + " (" + requestID + ")"
+	}
+	return errors.Wrap(err, message)
+}
diff --git a/internal/githubapiutil/githubapiutil_test.go b/internal/githubapiutil/githubapiutil_test.go
@@ -1,6 +1,7 @@
 package githubapiutil
 
 import (
+	"errors"
 	"net/http"
 	"testing"
 
@@ -23,3 +24,16 @@ func TestHasAnyScope(t *testing.T) {
 	response.Header.Set(xOAuthScopesHeader, "gist, notifications, admin:org")
 	require.False(t, HasAnyScope(&response, "public_repo", "repo"))
 }
+
+func TestEnrichErrorResponse(t *testing.T) {
+	response := github.Response{
+		Response: &http.Response{Header: http.Header{}},
+	}
+
+	require.Equal(t, "The error message.: The underlying error.", EnrichResponseError(nil, errors.New("The underlying error."), "The error message.").Error())
+
+	require.Equal(t, "The error message.: The underlying error.", EnrichResponseError(&response, errors.New("The underlying error."), "The error message.").Error())
+
+	response.Header.Set(xGitHubRequestIDHeader, "AAAA:BBBB:CCCCCCC:DDDDDDD:EEEEEEEE")
+	require.Equal(t, "The error message. (AAAA:BBBB:CCCCCCC:DDDDDDD:EEEEEEEE): The underlying error.", EnrichResponseError(&response, errors.New("The underlying error."), "The error message.").Error())
+}
diff --git a/internal/pull/pull.go b/internal/pull/pull.go
@@ -13,6 +13,7 @@ import (
 	log "github.com/sirupsen/logrus"
 
 	"github.com/github/codeql-action-sync/internal/actionconfiguration"
+	"github.com/github/codeql-action-sync/internal/githubapiutil"
 	"github.com/mitchellh/ioprogress"
 	"golang.org/x/oauth2"
 
@@ -191,9 +192,9 @@ func (pullService *pullService) pullReleases() error {
 
 	for index, releaseTag := range relevantReleases {
 		log.Debugf("Pulling CodeQL bundle %s (%d/%d)...", releaseTag, index+1, len(relevantReleases))
-		release, _, err := pullService.githubDotComClient.Repositories.GetReleaseByTag(pullService.ctx, sourceOwner, sourceRepository, releaseTag)
+		release, response, err := pullService.githubDotComClient.Repositories.GetReleaseByTag(pullService.ctx, sourceOwner, sourceRepository, releaseTag)
 		if err != nil {
-			return errors.Wrap(err, "Error loading CodeQL release information.")
+			return githubapiutil.EnrichResponseError(response, err, "Error loading CodeQL release information.")
 		}
 		err = os.MkdirAll(pullService.cacheDirectory.ReleasePath(releaseTag), 0755)
 		if err != nil {
diff --git a/internal/push/push.go b/internal/push/push.go
@@ -72,7 +72,7 @@ func (pushService *pushService) createRepository() (*github.Repository, error) {
 		if response != nil && response.StatusCode == http.StatusUnauthorized {
 			return nil, usererrors.New(errorInvalidDestinationToken)
 		}
-		return nil, errors.Wrap(err, "Error getting current user.")
+		return nil, githubapiutil.EnrichResponseError(response, err, "Error getting current user.")
 	}
 
 	// When creating a repository we can either create it in a named organization or under the current user (represented in go-github by an empty string).
@@ -84,39 +84,39 @@ func (pushService *pushService) createRepository() (*github.Repository, error) {
 	if destinationOrganization != "" {
 		_, response, err := pushService.githubEnterpriseClient.Organizations.Get(pushService.ctx, pushService.destinationRepositoryOwner)
 		if err != nil && (response == nil || response.StatusCode != http.StatusNotFound) {
-			return nil, errors.Wrap(err, "Error checking if destination organization exists.")
+			return nil, githubapiutil.EnrichResponseError(response, err, "Error checking if destination organization exists.")
 		}
 		if response != nil && response.StatusCode == http.StatusNotFound {
 			log.Debugf("The organization %s does not exist. Creating it...", pushService.destinationRepositoryOwner)
-			_, _, err := pushService.githubEnterpriseClient.Admin.CreateOrg(pushService.ctx, &github.Organization{
+			_, response, err := pushService.githubEnterpriseClient.Admin.CreateOrg(pushService.ctx, &github.Organization{
 				Login: github.String(pushService.destinationRepositoryOwner),
 				Name:  github.String(pushService.destinationRepositoryOwner),
 			}, user.GetLogin())
 			if err != nil {
 				if response != nil && response.StatusCode == http.StatusNotFound && !githubapiutil.HasAnyScope(response, "site_admin") {
 					return nil, usererrors.New("The destination token you have provided does not have the `site_admin` scope, so the destination organization cannot be created.")
 				}
-				return nil, errors.Wrap(err, "Error creating organization.")
+				return nil, githubapiutil.EnrichResponseError(response, err, "Error creating organization.")
 			}
 		}
 
 		_, response, err = pushService.githubEnterpriseClient.Organizations.IsMember(pushService.ctx, pushService.destinationRepositoryOwner, user.GetLogin())
 		if err != nil {
-			return nil, errors.Wrap(err, "Failed to check membership of destination organization.")
+			return nil, githubapiutil.EnrichResponseError(response, err, "Failed to check membership of destination organization.")
 		}
 		if (response.StatusCode == http.StatusFound || response.StatusCode == http.StatusNotFound) && githubapiutil.HasAnyScope(response, "site_admin") {
 			log.Debugf("No access to destination organization (status code %d). Switching to impersonation token for %s...", response.StatusCode, pushService.actionsAdminUser)
-			impersonationToken, _, err := pushService.githubEnterpriseClient.Admin.CreateUserImpersonation(pushService.ctx, pushService.actionsAdminUser, &github.ImpersonateUserOptions{Scopes: []string{minimumRepositoryScope, "workflow"}})
+			impersonationToken, response, err := pushService.githubEnterpriseClient.Admin.CreateUserImpersonation(pushService.ctx, pushService.actionsAdminUser, &github.ImpersonateUserOptions{Scopes: []string{minimumRepositoryScope, "workflow"}})
 			if err != nil {
-				return nil, errors.Wrap(err, "Failed to impersonate Actions admin user.")
+				return nil, githubapiutil.EnrichResponseError(response, err, "Failed to impersonate Actions admin user.")
 			}
 			pushService.destinationToken.AccessToken = impersonationToken.GetToken()
 		}
 	}
 
 	repository, response, err := pushService.githubEnterpriseClient.Repositories.Get(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName)
 	if err != nil && (response == nil || response.StatusCode != http.StatusNotFound) {
-		return nil, errors.Wrap(err, "Error checking if destination repository exists.")
+		return nil, githubapiutil.EnrichResponseError(response, err, "Error checking if destination repository exists.")
 	}
 	if response.StatusCode != http.StatusNotFound && repositoryHomepage != repository.GetHomepage() && !pushService.force {
 		return nil, errors.Errorf(errorAlreadyExists)
@@ -143,7 +143,7 @@ func (pushService *pushService) createRepository() (*github.Repository, error) {
 			if response.StatusCode == http.StatusNotFound && !githubapiutil.HasAnyScope(response, acceptableRepositoryScopes...) {
 				return nil, fmt.Errorf("The destination token you have provided does not have the `%s` scope.", minimumRepositoryScope)
 			}
-			return nil, errors.Wrap(err, "Error creating destination repository.")
+			return nil, githubapiutil.EnrichResponseError(response, err, "Error creating destination repository.")
 		}
 	} else {
 		log.Debug("Repository already exists. Updating its metadata...")
@@ -156,7 +156,7 @@ func (pushService *pushService) createRepository() (*github.Repository, error) {
 					return nil, fmt.Errorf("You don't have permission to update the repository at %s/%s. If you wish to update the bundled CodeQL Action please provide a token with the `site_admin` scope.", pushService.destinationRepositoryOwner, pushService.destinationRepositoryName)
 				}
 			}
-			return nil, errors.Wrap(err, "Error updating destination repository.")
+			return nil, githubapiutil.EnrichResponseError(response, err, "Error updating destination repository.")
 		}
 	}
 
@@ -212,6 +212,7 @@ func (pushService *pushService) pushGit(repository *github.Repository, initialPu
 	}
 	refSpecBatches = append(refSpecBatches, deleteRefSpecs)
 
+	defaultBrachRefSpec := "+refs/heads/main:refs/heads/main"
 	if initialPush {
 		releasePathStats, err := ioutil.ReadDir(pushService.cacheDirectory.ReleasesPath())
 		if err != nil {
@@ -228,10 +229,10 @@ func (pushService *pushService) pushGit(repository *github.Repository, initialPu
 		}
 		refSpecBatches = append(refSpecBatches, initialRefSpecs)
 	} else {
-		// We've got to push `main` on its own, so that it will be made the default branch if the repository has just been created. We then push everything else afterwards.
+		// We've got to push the default branch on its own, so that it will be made the default branch if the repository has just been created. We then push everything else afterwards.
 		refSpecBatches = append(refSpecBatches,
 			[]config.RefSpec{
-				config.RefSpec("+refs/heads/main:refs/heads/main"),
+				config.RefSpec(defaultBrachRefSpec),
 			},
 			[]config.RefSpec{
 				config.RefSpec("+refs/*:refs/*"),
@@ -245,6 +246,32 @@ func (pushService *pushService) pushGit(repository *github.Repository, initialPu
 				Auth:     credentials,
 				Progress: os.Stderr,
 			})
+			if err != nil && strings.Contains(err.Error(), "pre-receive hook declined") {
+				log.Warn("Push was rejected by a pre-receive hook. This may be because force-pushing is not allowed. Will try and remove and recreate the branch.")
+				if len(refSpecs) == 1 && refSpecs[0].String() == defaultBrachRefSpec {
+					// todo
+				}
+				negativeRefSpecs := []config.RefSpec{}
+				for _, refSpec := range refSpecs {
+					negativeRefSpecs = append(negativeRefSpecs, config.RefSpec(":"+refSpec.Src()))
+					err = remote.PushContext(pushService.ctx, &git.PushOptions{
+						RefSpecs: negativeRefSpecs,
+						Auth:     credentials,
+						Progress: os.Stderr,
+					})
+					if err != nil {
+						return errors.Wrap(err, "Error removing existing refs.")
+					}
+					err = remote.PushContext(pushService.ctx, &git.PushOptions{
+						RefSpecs: refSpecs,
+						Auth:     credentials,
+						Progress: os.Stderr,
+					})
+					if err != nil && errors.Cause(err) != git.NoErrAlreadyUpToDate {
+						return errors.Wrap(err, "Error pushing Action to GitHub Enterprise Server.")
+					}
+				}
+			}
 			if err != nil && errors.Cause(err) != git.NoErrAlreadyUpToDate {
 				return errors.Wrap(err, "Error pushing Action to GitHub Enterprise Server.")
 			}
@@ -270,20 +297,20 @@ func (pushService *pushService) createOrUpdateRelease(releaseName string) (*gith
 
 	release, response, err := pushService.githubEnterpriseClient.Repositories.GetReleaseByTag(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, releaseMetadata.GetTagName())
 	if err != nil && response.StatusCode != http.StatusNotFound {
-		return nil, errors.Wrap(err, "Error checking for existing CodeQL release.")
+		return nil, githubapiutil.EnrichResponseError(response, err, "Error checking for existing CodeQL release.")
 	}
 	if release == nil {
 		log.Debugf("Creating release %s...", releaseMetadata.GetTagName())
-		release, _, err := pushService.githubEnterpriseClient.Repositories.CreateRelease(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, &releaseMetadata)
+		release, response, err := pushService.githubEnterpriseClient.Repositories.CreateRelease(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, &releaseMetadata)
 		if err != nil {
-			return nil, errors.Wrap(err, "Error creating release.")
+			return nil, githubapiutil.EnrichResponseError(response, err, "Error creating release.")
 		}
 		return release, nil
 	}
-	release, _, err = pushService.githubEnterpriseClient.Repositories.EditRelease(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, release.GetID(), &releaseMetadata)
+	release, response, err = pushService.githubEnterpriseClient.Repositories.EditRelease(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, release.GetID(), &releaseMetadata)
 	if err != nil {
 		log.Debugf("Updating release %s...", releaseMetadata.GetTagName())
-		return nil, errors.Wrap(err, "Error updating release.")
+		return nil, githubapiutil.EnrichResponseError(response, err, "Error updating release.")
 	}
 	return release, nil
 }
@@ -301,7 +328,7 @@ func (pushService *pushService) uploadReleaseAsset(release *github.RepositoryRel
 	asset := &github.ReleaseAsset{}
 	response, err := pushService.githubEnterpriseClient.Do(pushService.ctx, request, asset)
 	if err != nil {
-		return nil, response, errors.Wrap(err, "Error uploading release asset.")
+		return nil, response, githubapiutil.EnrichResponseError(response, err, "Error uploading release asset.")
 	}
 	return asset, response, nil
 }
@@ -315,9 +342,9 @@ func (pushService *pushService) createOrUpdateReleaseAsset(release *github.Repos
 				return nil
 			} else {
 				log.Warnf("Removing existing release asset %s because it was only partially-uploaded (had size %d, but should have been %d)...", existingAsset.GetName(), actualSize, expectedSize)
-				_, err := pushService.githubEnterpriseClient.Repositories.DeleteReleaseAsset(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, existingAsset.GetID())
+				response, err := pushService.githubEnterpriseClient.Repositories.DeleteReleaseAsset(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, existingAsset.GetID())
 				if err != nil {
-					return errors.Wrap(err, "Error deleting existing release asset.")
+					return githubapiutil.EnrichResponseError(response, err, "Error deleting existing release asset.")
 				}
 			}
 		}
@@ -333,9 +360,9 @@ func (pushService *pushService) createOrUpdateReleaseAsset(release *github.Repos
 	if err != nil {
 		return errors.Wrap(err, "Error opening release asset.")
 	}
-	_, _, err = pushService.uploadReleaseAsset(release, assetPathStat, progressReader)
+	_, response, err := pushService.uploadReleaseAsset(release, assetPathStat, progressReader)
 	if err != nil {
-		return errors.Wrap(err, "Error uploading release asset.")
+		return githubapiutil.EnrichResponseError(response, err, "Error uploading release asset.")
 	}
 	return nil
 }
@@ -358,9 +385,9 @@ func (pushService *pushService) pushReleases() error {
 
 		existingAssets := []*github.ReleaseAsset{}
 		for page := 1; ; page++ {
-			assets, _, err := pushService.githubEnterpriseClient.Repositories.ListReleaseAssets(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, release.GetID(), &github.ListOptions{Page: page})
+			assets, response, err := pushService.githubEnterpriseClient.Repositories.ListReleaseAssets(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, release.GetID(), &github.ListOptions{Page: page})
 			if err != nil {
-				return errors.Wrap(err, "Error fetching existing release assets.")
+				return githubapiutil.EnrichResponseError(response, err, "Error fetching existing release assets.")
 			}
 			if len(assets) == 0 {
 				break
@@ -376,7 +403,7 @@ func (pushService *pushService) pushReleases() error {
 		for _, assetPathStat := range assetPathStats {
 			err := pushService.createOrUpdateReleaseAsset(release, existingAssets, assetPathStat)
 			if err != nil {
-				return errors.Wrap(err, "Error uploading release assets.")
+				return err
 			}
 		}
 	}
@@ -410,7 +437,7 @@ func Push(ctx context.Context, cacheDirectory cachedirectory.CacheDirectory, des
 	}
 	rootResponse, err := client.Do(ctx, rootRequest, nil)
 	if err != nil {
-		return errors.Wrap(err, "Error checking connectivity for GitHub Enterprise client.")
+		return githubapiutil.EnrichResponseError(rootResponse, err, "Error checking connectivity for GitHub Enterprise client.")
 	}
 	if rootRequest.URL != rootResponse.Request.URL {
 		updatedBaseURL, _ := url.Parse(client.BaseURL.String())

Original file line number	Diff line number	Diff line change
`@@ -72,7 +72,7 @@ func (pushService pushService) createRepository() (github.Repository, error) {`
`72`	`72`	`if response != nil && response.StatusCode == http.StatusUnauthorized {`
`73`	`73`	`return nil, usererrors.New(errorInvalidDestinationToken)`
`74`	`74`	`}`
`75`		`- return nil, errors.Wrap(err, "Error getting current user.")`
	`75`	`+ return nil, githubapiutil.EnrichResponseError(response, err, "Error getting current user.")`
`76`	`76`	`}`
`77`	`77`
`78`	`78`	`// When creating a repository we can either create it in a named organization or under the current user (represented in go-github by an empty string).`
`@@ -84,39 +84,39 @@ func (pushService pushService) createRepository() (github.Repository, error) {`
`84`	`84`	`if destinationOrganization != "" {`
`85`	`85`	`_, response, err := pushService.githubEnterpriseClient.Organizations.Get(pushService.ctx, pushService.destinationRepositoryOwner)`
`86`	`86`	`if err != nil && (response == nil \|\| response.StatusCode != http.StatusNotFound) {`
`87`		`- return nil, errors.Wrap(err, "Error checking if destination organization exists.")`
	`87`	`+ return nil, githubapiutil.EnrichResponseError(response, err, "Error checking if destination organization exists.")`
`88`	`88`	`}`
`89`	`89`	`if response != nil && response.StatusCode == http.StatusNotFound {`
`90`	`90`	`log.Debugf("The organization %s does not exist. Creating it...", pushService.destinationRepositoryOwner)`
`91`		`- _, _, err := pushService.githubEnterpriseClient.Admin.CreateOrg(pushService.ctx, &github.Organization{`
	`91`	`+ _, response, err := pushService.githubEnterpriseClient.Admin.CreateOrg(pushService.ctx, &github.Organization{`
`92`	`92`	`Login: github.String(pushService.destinationRepositoryOwner),`
`93`	`93`	`Name: github.String(pushService.destinationRepositoryOwner),`
`94`	`94`	`}, user.GetLogin())`
`95`	`95`	`if err != nil {`
`96`	`96`	`if response != nil && response.StatusCode == http.StatusNotFound && !githubapiutil.HasAnyScope(response, "site_admin") {`
`97`	`97`	return nil, usererrors.New("The destination token you have provided does not have the `site_admin` scope, so the destination organization cannot be created.")
`98`	`98`	`}`
`99`		`- return nil, errors.Wrap(err, "Error creating organization.")`
	`99`	`+ return nil, githubapiutil.EnrichResponseError(response, err, "Error creating organization.")`
`100`	`100`	`}`
`101`	`101`	`}`
`102`	`102`
`103`	`103`	`_, response, err = pushService.githubEnterpriseClient.Organizations.IsMember(pushService.ctx, pushService.destinationRepositoryOwner, user.GetLogin())`
`104`	`104`	`if err != nil {`
`105`		`- return nil, errors.Wrap(err, "Failed to check membership of destination organization.")`
	`105`	`+ return nil, githubapiutil.EnrichResponseError(response, err, "Failed to check membership of destination organization.")`
`106`	`106`	`}`
`107`	`107`	`if (response.StatusCode == http.StatusFound \|\| response.StatusCode == http.StatusNotFound) && githubapiutil.HasAnyScope(response, "site_admin") {`
`108`	`108`	`log.Debugf("No access to destination organization (status code %d). Switching to impersonation token for %s...", response.StatusCode, pushService.actionsAdminUser)`
`109`		`- impersonationToken, _, err := pushService.githubEnterpriseClient.Admin.CreateUserImpersonation(pushService.ctx, pushService.actionsAdminUser, &github.ImpersonateUserOptions{Scopes: []string{minimumRepositoryScope, "workflow"}})`
	`109`	`+ impersonationToken, response, err := pushService.githubEnterpriseClient.Admin.CreateUserImpersonation(pushService.ctx, pushService.actionsAdminUser, &github.ImpersonateUserOptions{Scopes: []string{minimumRepositoryScope, "workflow"}})`
`110`	`110`	`if err != nil {`
`111`		`- return nil, errors.Wrap(err, "Failed to impersonate Actions admin user.")`
	`111`	`+ return nil, githubapiutil.EnrichResponseError(response, err, "Failed to impersonate Actions admin user.")`
`112`	`112`	`}`
`113`	`113`	`pushService.destinationToken.AccessToken = impersonationToken.GetToken()`
`114`	`114`	`}`
`115`	`115`	`}`
`116`	`116`
`117`	`117`	`repository, response, err := pushService.githubEnterpriseClient.Repositories.Get(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName)`
`118`	`118`	`if err != nil && (response == nil \|\| response.StatusCode != http.StatusNotFound) {`
`119`		`- return nil, errors.Wrap(err, "Error checking if destination repository exists.")`
	`119`	`+ return nil, githubapiutil.EnrichResponseError(response, err, "Error checking if destination repository exists.")`
`120`	`120`	`}`
`121`	`121`	`if response.StatusCode != http.StatusNotFound && repositoryHomepage != repository.GetHomepage() && !pushService.force {`
`122`	`122`	`return nil, errors.Errorf(errorAlreadyExists)`
`@@ -143,7 +143,7 @@ func (pushService pushService) createRepository() (github.Repository, error) {`
`143`	`143`	`if response.StatusCode == http.StatusNotFound && !githubapiutil.HasAnyScope(response, acceptableRepositoryScopes...) {`
`144`	`144`	return nil, fmt.Errorf("The destination token you have provided does not have the `%s` scope.", minimumRepositoryScope)
`145`	`145`	`}`
`146`		`- return nil, errors.Wrap(err, "Error creating destination repository.")`
	`146`	`+ return nil, githubapiutil.EnrichResponseError(response, err, "Error creating destination repository.")`
`147`	`147`	`}`
`148`	`148`	`} else {`
`149`	`149`	`log.Debug("Repository already exists. Updating its metadata...")`
`@@ -156,7 +156,7 @@ func (pushService pushService) createRepository() (github.Repository, error) {`
`156`	`156`	return nil, fmt.Errorf("You don't have permission to update the repository at %s/%s. If you wish to update the bundled CodeQL Action please provide a token with the `site_admin` scope.", pushService.destinationRepositoryOwner, pushService.destinationRepositoryName)
`157`	`157`	`}`
`158`	`158`	`}`
`159`		`- return nil, errors.Wrap(err, "Error updating destination repository.")`
	`159`	`+ return nil, githubapiutil.EnrichResponseError(response, err, "Error updating destination repository.")`
`160`	`160`	`}`
`161`	`161`	`}`
`162`	`162`
`@@ -212,6 +212,7 @@ func (pushService pushService) pushGit(repository github.Repository, initialPu`
`212`	`212`	`}`
`213`	`213`	`refSpecBatches = append(refSpecBatches, deleteRefSpecs)`
`214`	`214`
	`215`	`+ defaultBrachRefSpec := "+refs/heads/main:refs/heads/main"`
`215`	`216`	`if initialPush {`
`216`	`217`	`releasePathStats, err := ioutil.ReadDir(pushService.cacheDirectory.ReleasesPath())`
`217`	`218`	`if err != nil {`
`@@ -228,10 +229,10 @@ func (pushService pushService) pushGit(repository github.Repository, initialPu`
`228`	`229`	`}`
`229`	`230`	`refSpecBatches = append(refSpecBatches, initialRefSpecs)`
`230`	`231`	`} else {`
`231`		- // We've got to push `main` on its own, so that it will be made the default branch if the repository has just been created. We then push everything else afterwards.
	`232`	`+ // We've got to push the default branch on its own, so that it will be made the default branch if the repository has just been created. We then push everything else afterwards.`
`232`	`233`	`refSpecBatches = append(refSpecBatches,`
`233`	`234`	`[]config.RefSpec{`
`234`		`- config.RefSpec("+refs/heads/main:refs/heads/main"),`
	`235`	`+ config.RefSpec(defaultBrachRefSpec),`
`235`	`236`	`},`
`236`	`237`	`[]config.RefSpec{`
`237`	`238`	`config.RefSpec("+refs/:refs/"),`
`@@ -245,6 +246,32 @@ func (pushService pushService) pushGit(repository github.Repository, initialPu`
`245`	`246`	`Auth: credentials,`
`246`	`247`	`Progress: os.Stderr,`
`247`	`248`	`})`
	`249`	`+ if err != nil && strings.Contains(err.Error(), "pre-receive hook declined") {`
	`250`	`+ log.Warn("Push was rejected by a pre-receive hook. This may be because force-pushing is not allowed. Will try and remove and recreate the branch.")`
	`251`	`+ if len(refSpecs) == 1 && refSpecs[0].String() == defaultBrachRefSpec {`
	`252`	`+ // todo`
	`253`	`+ }`
	`254`	`+ negativeRefSpecs := []config.RefSpec{}`
	`255`	`+ for _, refSpec := range refSpecs {`
	`256`	`+ negativeRefSpecs = append(negativeRefSpecs, config.RefSpec(":"+refSpec.Src()))`
	`257`	`+ err = remote.PushContext(pushService.ctx, &git.PushOptions{`
	`258`	`+ RefSpecs: negativeRefSpecs,`
	`259`	`+ Auth: credentials,`
	`260`	`+ Progress: os.Stderr,`
	`261`	`+ })`
	`262`	`+ if err != nil {`
	`263`	`+ return errors.Wrap(err, "Error removing existing refs.")`
	`264`	`+ }`
	`265`	`+ err = remote.PushContext(pushService.ctx, &git.PushOptions{`
	`266`	`+ RefSpecs: refSpecs,`
	`267`	`+ Auth: credentials,`
	`268`	`+ Progress: os.Stderr,`
	`269`	`+ })`
	`270`	`+ if err != nil && errors.Cause(err) != git.NoErrAlreadyUpToDate {`
	`271`	`+ return errors.Wrap(err, "Error pushing Action to GitHub Enterprise Server.")`
	`272`	`+ }`
	`273`	`+ }`
	`274`	`+ }`
`248`	`275`	`if err != nil && errors.Cause(err) != git.NoErrAlreadyUpToDate {`
`249`	`276`	`return errors.Wrap(err, "Error pushing Action to GitHub Enterprise Server.")`
`250`	`277`	`}`
`@@ -270,20 +297,20 @@ func (pushService pushService) createOrUpdateRelease(releaseName string) (gith`
`270`	`297`
`271`	`298`	`release, response, err := pushService.githubEnterpriseClient.Repositories.GetReleaseByTag(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, releaseMetadata.GetTagName())`
`272`	`299`	`if err != nil && response.StatusCode != http.StatusNotFound {`
`273`		`- return nil, errors.Wrap(err, "Error checking for existing CodeQL release.")`
	`300`	`+ return nil, githubapiutil.EnrichResponseError(response, err, "Error checking for existing CodeQL release.")`
`274`	`301`	`}`
`275`	`302`	`if release == nil {`
`276`	`303`	`log.Debugf("Creating release %s...", releaseMetadata.GetTagName())`
`277`		`- release, _, err := pushService.githubEnterpriseClient.Repositories.CreateRelease(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, &releaseMetadata)`
	`304`	`+ release, response, err := pushService.githubEnterpriseClient.Repositories.CreateRelease(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, &releaseMetadata)`
`278`	`305`	`if err != nil {`
`279`		`- return nil, errors.Wrap(err, "Error creating release.")`
	`306`	`+ return nil, githubapiutil.EnrichResponseError(response, err, "Error creating release.")`
`280`	`307`	`}`
`281`	`308`	`return release, nil`
`282`	`309`	`}`
`283`		`- release, _, err = pushService.githubEnterpriseClient.Repositories.EditRelease(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, release.GetID(), &releaseMetadata)`
	`310`	`+ release, response, err = pushService.githubEnterpriseClient.Repositories.EditRelease(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, release.GetID(), &releaseMetadata)`
`284`	`311`	`if err != nil {`
`285`	`312`	`log.Debugf("Updating release %s...", releaseMetadata.GetTagName())`
`286`		`- return nil, errors.Wrap(err, "Error updating release.")`
	`313`	`+ return nil, githubapiutil.EnrichResponseError(response, err, "Error updating release.")`
`287`	`314`	`}`
`288`	`315`	`return release, nil`
`289`	`316`	`}`
`@@ -301,7 +328,7 @@ func (pushService pushService) uploadReleaseAsset(release github.RepositoryRel`
`301`	`328`	`asset := &github.ReleaseAsset{}`
`302`	`329`	`response, err := pushService.githubEnterpriseClient.Do(pushService.ctx, request, asset)`
`303`	`330`	`if err != nil {`
`304`		`- return nil, response, errors.Wrap(err, "Error uploading release asset.")`
	`331`	`+ return nil, response, githubapiutil.EnrichResponseError(response, err, "Error uploading release asset.")`
`305`	`332`	`}`
`306`	`333`	`return asset, response, nil`
`307`	`334`	`}`
`@@ -315,9 +342,9 @@ func (pushService pushService) createOrUpdateReleaseAsset(release github.Repos`
`315`	`342`	`return nil`
`316`	`343`	`} else {`
`317`	`344`	`log.Warnf("Removing existing release asset %s because it was only partially-uploaded (had size %d, but should have been %d)...", existingAsset.GetName(), actualSize, expectedSize)`
`318`		`- _, err := pushService.githubEnterpriseClient.Repositories.DeleteReleaseAsset(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, existingAsset.GetID())`
	`345`	`+ response, err := pushService.githubEnterpriseClient.Repositories.DeleteReleaseAsset(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, existingAsset.GetID())`
`319`	`346`	`if err != nil {`
`320`		`- return errors.Wrap(err, "Error deleting existing release asset.")`
	`347`	`+ return githubapiutil.EnrichResponseError(response, err, "Error deleting existing release asset.")`
`321`	`348`	`}`
`322`	`349`	`}`
`323`	`350`	`}`
`@@ -333,9 +360,9 @@ func (pushService pushService) createOrUpdateReleaseAsset(release github.Repos`
`333`	`360`	`if err != nil {`
`334`	`361`	`return errors.Wrap(err, "Error opening release asset.")`
`335`	`362`	`}`
`336`		`- _, _, err = pushService.uploadReleaseAsset(release, assetPathStat, progressReader)`
	`363`	`+ _, response, err := pushService.uploadReleaseAsset(release, assetPathStat, progressReader)`
`337`	`364`	`if err != nil {`
`338`		`- return errors.Wrap(err, "Error uploading release asset.")`
	`365`	`+ return githubapiutil.EnrichResponseError(response, err, "Error uploading release asset.")`
`339`	`366`	`}`
`340`	`367`	`return nil`
`341`	`368`	`}`
`@@ -358,9 +385,9 @@ func (pushService *pushService) pushReleases() error {`
`358`	`385`
`359`	`386`	`existingAssets := []*github.ReleaseAsset{}`
`360`	`387`	`for page := 1; ; page++ {`
`361`		`- assets, _, err := pushService.githubEnterpriseClient.Repositories.ListReleaseAssets(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, release.GetID(), &github.ListOptions{Page: page})`
	`388`	`+ assets, response, err := pushService.githubEnterpriseClient.Repositories.ListReleaseAssets(pushService.ctx, pushService.destinationRepositoryOwner, pushService.destinationRepositoryName, release.GetID(), &github.ListOptions{Page: page})`
`362`	`389`	`if err != nil {`
`363`		`- return errors.Wrap(err, "Error fetching existing release assets.")`
	`390`	`+ return githubapiutil.EnrichResponseError(response, err, "Error fetching existing release assets.")`
`364`	`391`	`}`
`365`	`392`	`if len(assets) == 0 {`
`366`	`393`	`break`
`@@ -376,7 +403,7 @@ func (pushService *pushService) pushReleases() error {`
`376`	`403`	`for _, assetPathStat := range assetPathStats {`
`377`	`404`	`err := pushService.createOrUpdateReleaseAsset(release, existingAssets, assetPathStat)`
`378`	`405`	`if err != nil {`
`379`		`- return errors.Wrap(err, "Error uploading release assets.")`
	`406`	`+ return err`
`380`	`407`	`}`
`381`	`408`	`}`
`382`	`409`	`}`
`@@ -410,7 +437,7 @@ func Push(ctx context.Context, cacheDirectory cachedirectory.CacheDirectory, des`
`410`	`437`	`}`
`411`	`438`	`rootResponse, err := client.Do(ctx, rootRequest, nil)`
`412`	`439`	`if err != nil {`
`413`		`- return errors.Wrap(err, "Error checking connectivity for GitHub Enterprise client.")`
	`440`	`+ return githubapiutil.EnrichResponseError(rootResponse, err, "Error checking connectivity for GitHub Enterprise client.")`
`414`	`441`	`}`
`415`	`442`	`if rootRequest.URL != rootResponse.Request.URL {`
`416`	`443`	`updatedBaseURL, _ := url.Parse(client.BaseURL.String())`