# Fixing "403 Forbidden" GitHub Actions, Docker or Helm Push to GitHub Container Registry (GHCR)
In GitHub Actions, after logging into the GHCR registry, you may be surprised to see the error "403 Forbidden" when running `docker push` or `helm push`:
```
Error: unexpected status from POST request to https://ghcr.io/v2/cert-manager/charts/openshift-routes/blobs/uploads/: 403 Forbidden
```
> Example: https://github.com/cert-manager/openshift-routes/actions/runs/7088552754/job/19291296517
You will probably already have double-checked that you have correctly set the `GITHUB_TOKEN` permissions:
```yaml
# Either at the top of your workflow file,
# or under the job itself.
permissions:
packages: write
```
You will also have double-checked that you are passing the `GITHUB_TOKEN` correctly:
```yaml
- uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
```
But that's not where the issue is, I found. At first, I thought it was because GitHub Actions requires a specific naming to be used. I thought that I had to rename the container image to match the repository name... but that wasn't the cause of the issue.
I noticed that the GitHub Action had run correctly once, but then started failing subsequent runs of the GitHub Action.
**Solution:** I opened the image's page (https://github.com/cert-manager/openshift-routes/pkgs/container/charts%2Fopenshift-routes), then went to "Package settings", then "Add repository" under the section "Manage Actions access", and finally I added the repository "cert-manager/openshift-routes" and changed the role to `Write`.
![Web capture_14-12-2023_105259_github.com](https://hackmd.io/_uploads/r12MbI_8p.jpg)
![Web capture_14-12-2023_105342_github.com](https://hackmd.io/_uploads/Hy3MZUOL6.jpg)
![Web capture_14-12-2023_105443_github.com](https://hackmd.io/_uploads/SJnzWLu8a.jpg)
**Another issue I hit:** After the first successful run of the GitHub Action, goreleaser had successfully created the Helm chart package, but it was marked as "private". I had to make it public before people could use the Helm charts:
![Web capture_15-12-2023_10272_github.com](https://hackmd.io/_uploads/B12U39YLa.jpg)