Why can't my GitHub App bypass branch protection?

Question (votes: 0, answers: 1)

I want to create a GitHub App in my organization that lets me create automated versioning commits directly on the main branch after each pull request is merged into main. I have a branch protection rule on the main branch that requires a pull request before merging, and I need to allow my GitHub App to bypass this rule.

Here is the list of steps I took:

  • Create my repository and create a branch protection rule that requires a pull request to exist
  • Create a new GitHub App in my GitHub organization and grant it every available permission (so this includes every possible write permission on repositories etc.). Below is the complete list of those permissions:
Permissions
 Read access to codespaces metadata, metadata, organization events, and organization plan
 Read and write access to Dependabot alerts, actions, actions variables, administration, attestations api, checks, code, codespaces, codespaces lifecycle admin, codespaces secrets, commit statuses, custom organization roles, custom repository roles, dependabot secrets, deployments, discussions, environments, issues, members, merge queues, organization actions variables, organization administration, organization announcement banners, organization codespaces, organization codespaces secrets, organization codespaces settings, organization copilot seat management, organization dependabot secrets, organization hooks, organization personal access token requests, organization personal access tokens, organization secrets, organization self hosted runners, organization user blocking, packages, pages, pull requests, repository advisories, repository custom properties, repository hooks, secret scanning alerts, secrets, security events, team discussions, and workflows
 Admin access to organization custom properties, organization projects, and repository projects
  • Install the app in every repository of my organization
  • Create a private key for my app and export it as an organization-level secret
  • Export the app ID to a GitHub variable
  • Add the app to the "Allow specified actors to bypass required pull requests" list of my pull request rule
  • Create a workflow that runs when a pull request is merged and contains the following steps to create a commit on main (I use the peter-murray/workflow-application-token-action@v3 action to generate a short-lived token with enough permissions to do this):
... prior workflow steps
      - name: Get token for gh app Token
        id: get_workflow_token
        uses: peter-murray/workflow-application-token-action@v3
        with:
          application_id: ${{ vars.AUTOCOMMIT_APP_ID }}
          application_private_key: ${{ secrets.AUTOCOMMIT_APP_PRIVATE_KEY }}
      - name: Commit automatic version bump
        if: github.event.pull_request.merged == true
        env:
          GITHUB_TOKEN: ${{ steps.get_workflow_token.outputs.token }}
        run: |-
          git config user.name 'autocommit app'
          git config user.email '[email protected]'
          git add .
          git commit -m "chore: update version number (automated)"
          git push
... later workflow steps
  • At this point I expect the commit to be created and pushed to main, but I get the following error:
Run git config user.name 'autocommit app'
[main 27e4f11] chore: update version number (automated)
 1 file changed, 1 insertion(+), 1 deletion(-)
remote: error: GH013: Repository rule violations found for refs/heads/main.        
remote: Review all repository rules at http://github.com/sandbox-org/org-sandbox-repo/rules?ref=refs%2Fheads%2Fmain        
remote: 
remote: - Changes must be made through a pull request.        
remote: 
To https://github.com/sandbox-org/org-sandbox-repo
 ! [remote rejected] main -> main (push declined due to repository rule violations)
error: failed to push some refs to 'https://github.com/sandbox-org/org-sandbox-repo'

If I turn branch protection off entirely, the commit step works fine, so I think the token creation is valid, but of course that is not the solution.

git github github-actions git-branch github-app
1 answer

0 votes

When you use git commands, you operate on the repository that the workflow cloned. Your git configuration uses the default GITHUB_TOKEN that GitHub issues for each job. The token you generated for the app is not used, because the git commands do not use the environment variable. Instead, git reads the auth header from the git config file, which is set by actions/checkout.

You can override your remote origin URL like this:

https://${{ env.GITHUB_TOKEN }}@github.com/sandbox-org/org-sandbox-repo

Or you can change the git config auth header the same way actions/checkout does. Look at that action's log under "Setting up auth".
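The second option from the answer, worked through as an added example (not code from the answerer or from actions/checkout): the config key `http.https://github.com/.extraheader` is assumed for github.com, and the header format `AUTHORIZATION: basic base64(x-access-token:<token>)` is the one actions/checkout writes under "Setting up auth".

```shell
#!/bin/sh
# Added example: make the plain `git push` in the workflow authenticate with the
# GitHub App token the way actions/checkout wires in the job's GITHUB_TOKEN, i.e.
# through the http.<server>.extraheader git config key. Git never reads the
# GITHUB_TOKEN environment variable, which is why the question's step still pushed
# with the checkout-time credentials.
# Assumed key name for github.com: http.https://github.com/.extraheader
# Header format (as logged by actions/checkout): AUTHORIZATION: basic base64(x-access-token:<token>)

# Build the header value for a token. The token values used with this are placeholders.
build_auth_header() {
  token="$1"
  encoded=$(printf 'x-access-token:%s' "$token" | base64 | tr -d '\n')
  printf 'AUTHORIZATION: basic %s' "$encoded"
}

# Replace the checkout-time header (default GITHUB_TOKEN) with one carrying the App token.
# Unset first: extraheader is multi-valued, and leaving both in place would send two
# Authorization headers on the push.
use_app_token_for_push() {
  token="$1"
  key='http.https://github.com/.extraheader'
  git config --local --unset-all "$key" 2>/dev/null || true
  git config --local "$key" "$(build_auth_header "$token")"
}

# In the workflow's commit step this would run before `git push`, with
# GITHUB_TOKEN already set to steps.get_workflow_token.outputs.token:
#   use_app_token_for_push "$GITHUB_TOKEN"
#   git push
```

If actions/checkout was run with `persist-credentials: false` there is no header to remove, which the `|| true` on the unset covers.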
