clang-tidy-review 0.8.3 failed completely with cmake (preset)

[ibis-hdl]

Hi,

the following part of my actions fails:

name: Clang tidy review

on: [pull_request]

jobs:
  review:
    runs-on: ubuntu-latest
    steps:
...
    - name: Clang-Tidy Review
      id: pr_static_analysis
      uses: ZedThree/clang-tidy-review@v0.8.3
      with:
        config_file: .clang-tidy
        cmake_command: cmake --preset ci-linux
...

with

1s
Run ZedThree/clang-tidy-review@v0.8.3
/usr/bin/docker run --name d1752e4df580e4672890d151d29af8ff2_5517e8 --label 08450d --workdir /github/workspace --rm -e INPUT_CONFIG_FILE -e INPUT_CMAKE_COMMAND -e INPUT_TOKEN -e INPUT_BUILD_DIR -e INPUT_BASE_DIR -e INPUT_CLANG_TIDY_VERSION -e INPUT_CLANG_TIDY_CHECKS -e INPUT_INCLUDE -e INPUT_EXCLUDE -e INPUT_APT_PACKAGES -e INPUT_MAX_COMMENTS -e INPUT_PR -e INPUT_REPO -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_RUN_ATTEMPT -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_REF_NAME -e GITHUB_REF_PROTECTED -e GITHUB_REF_TYPE -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e GITHUB_STEP_SUMMARY -e RUNNER_OS -e RUNNER_ARCH -e RUNNER_NAME -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/ci-cmake-test/ci-cmake-test":"/github/workspace" 08450d:1752e4df580e4672890d151d29af8ff2  "--clang_tidy_binary=clang-tidy-12" "--token=***" "--repo=ibis-hdl/ci-cmake-test" "--pr=13" "--build_dir=." "--base_dir=/home/runner/work/ci-cmake-test/ci-cmake-test" "--clang_tidy_checks=-*,performance-*,readability-*,bugprone-*,clang-analyzer-*,cppcoreguidelines-*,mpi-*,misc-*" "--config_file=.clang-tidy" "--include='*.[ch],*.[ch]xx,*.[ch]pp,*.[ch]++,*.cc,*.hh'" "--exclude=''" "--apt-packages=" "--cmake-command='cmake --preset ci-linux'"
Running cmake: cmake --preset ci-linux
Traceback (most recent call last):
  File "/review.py", line 806, in <module>
    subprocess.run(cmake_command, shell=True, check=True)
  File "/usr/lib/python3.8/subprocess.py", line 516, in run
    raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command 'cmake --preset ci-linux' returned non-zero exit status 1.

Changes to my action to:

name: Clang tidy review

on: [pull_request]

jobs:
  review:
    runs-on: ubuntu-latest
    steps:
...
    - name: CMake configuration
      run: |
        cmake --preset ci-linux
    - name: Clang-Tidy Review
      id: pr_static_analysis
      uses: ZedThree/clang-tidy-review@v0.8.3
      with:
        config_file: '.clang-tidy'
...

results also into failure with

Run ZedThree/clang-tidy-review@v0.8.3
  with:
    config_file: .clang-tidy
    token: ***
    build_dir: .
    base_dir: /home/runner/work/ci-cmake-test/ci-cmake-test
    clang_tidy_version: 12
    clang_tidy_checks: -*,performance-*,readability-*,bugprone-*,clang-analyzer-*,cppcoreguidelines-*,mpi-*,misc-*
    include: *.[ch],*.[ch]xx,*.[ch]pp,*.[ch]++,*.cc,*.hh
    max_comments: 25
    pr: 13
    repo: ibis-hdl/ci-cmake-test
/usr/bin/docker run --name d95915f49658a4125be604ffb8fd80452_620ace --label 08450d --workdir /github/workspace --rm -e INPUT_CONFIG_FILE -e INPUT_TOKEN -e INPUT_BUILD_DIR -e INPUT_BASE_DIR -e INPUT_CLANG_TIDY_VERSION -e INPUT_CLANG_TIDY_CHECKS -e INPUT_INCLUDE -e INPUT_EXCLUDE -e INPUT_APT_PACKAGES -e INPUT_CMAKE_COMMAND -e INPUT_MAX_COMMENTS -e INPUT_PR -e INPUT_REPO -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_RUN_ATTEMPT -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_REF_NAME -e GITHUB_REF_PROTECTED -e GITHUB_REF_TYPE -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e GITHUB_STEP_SUMMARY -e RUNNER_OS -e RUNNER_ARCH -e RUNNER_NAME -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/ci-cmake-test/ci-cmake-test":"/github/workspace" 08450d:95915f49658a4125be604ffb8fd80452  "--clang_tidy_binary=clang-tidy-12" "--token=***" "--repo=ibis-hdl/ci-cmake-test" "--pr=13" "--build_dir=." "--base_dir=/home/runner/work/ci-cmake-test/ci-cmake-test" "--clang_tidy_checks=-*,performance-*,readability-*,bugprone-*,clang-analyzer-*,cppcoreguidelines-*,mpi-*,misc-*" "--config_file=.clang-tidy" "--include='*.[ch],*.[ch]xx,*.[ch]pp,*.[ch]++,*.cc,*.hh'" "--exclude=''" "--apt-packages=" "--cmake-command=''"
Traceback (most recent call last):
  File "/review.py", line 811, in <module>
    main(
  File "/review.py", line 603, in main
    pull_request = PullRequest(repo, pr_number, token)
  File "/review.py", line 44, in __init__
    self._pull_request = repo_object.get_pull(pr_number)
  File "/usr/local/lib/python3.8/dist-packages/github/Repository.py", line 2746, in get_pull
    headers, data = self._requester.requestJsonAndCheck(
  File "/usr/local/lib/python3.8/dist-packages/github/Requester.py", line 353, in requestJsonAndCheck
    return self.__check(
  File "/usr/local/lib/python3.8/dist-packages/github/Requester.py", line 378, in __check
    raise self.__createException(status, responseHeaders, output)
github.GithubException.GithubException: 403 {"message": "Resource not accessible by integration", "documentation_url": "https://docs.github.com/rest/reference/pulls#get-a-pull-request"}

Do I miss something?

[FlorianReimold]

I think you need to go to Settings/Actions/General and give your Action write permission (it is required to post reviews)

I have heard that it will still fail for external PRs (coming from a fork), but I haven't verified that, yet.

[ZedThree]

Sorry, I don't have much time at the minute to investigate, but I agree with @FlorianReimold, it sounds like a permissions issue.

[FlorianReimold]

I have encountered the same error "Resource not accessible by integration", so I assume it is caused by the same issue. For me it was because I let the action run in a forked repo, where github apparently restricts the permissions for GH Actions to read-only by default.

[ibis-hdl]

Thanks for answers. As it's shown on project's example usage there aren't any permissions. Isn't it a copy & paste starter?

[FlorianReimold]

I guess not for forks at least. In all repos that I forked the Action Permissions are set to "Read only", while all repos that I have created initially have "Read-Write" Perissions.

[ibis-hdl]

In my case it's my own (not yet public) repo with this action. I would expect read/write permission by default.

[FlorianReimold]

I don't have many private repositories, but in mine the Action permissions are Read-Write by default, as well. Maybe it should be documented better what has to be done in that case.

[ibis-hdl]

Indeed, repo permission must be set from default to read/write.

Thanks, I'm closing the issue.