search

andymckay / labeler

Other
36 stars 53 forks source link

403 error from a fork #37

Open jordimassaguerpla opened 2 years ago

jordimassaguerpla commented 2 years ago

Hi I have this workflow:

name: Check if translation is required

on:
  pull_request:
    paths:
      - 'java/code/src/com/redhat/rhn/frontend/strings/**'
      - 'backend/**'
      - 'client/rhel/yum-rhn-plugin/**'
      - 'client/rhel/mgr-daemon/**'
      - 'client/rhel/spacewalk-client-tools/**'
      - 'web/**'
      - 'susemanager/**'
      - 'spacecmd/**'

jobs:
  run:
    name: Check by trying to locally update translation files 
    if: github.repository == 'uyuni-project/uyuni'
    runs-on: ubuntu-latest
    steps:
    - name: Cancel Previous Runs
      uses: styfle/cancel-workflow-action@0.8.0
      with:
        access_token: ${{ github.token }}
    - name: Add label
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      uses: andymckay/labeler@master
      with:
        add-labels: "needs-translation"
        repo-token: "${{ secrets.GITHUB_TOKEN }}"

If I create a PR based on a branch , the label is added. If I do that based on a fork, I get this error:

Run andymckay/labeler@master
RequestError [HttpError]: Resource not accessible by integration
    at /home/runner/work/_actions/andymckay/labeler/master/node_modules/@octokit/request/dist-node/index.js:66:23
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async label (/home/runner/work/_actions/andymckay/labeler/master/label.js:90:3) {
  status: 403,
  headers: {
    'access-control-allow-origin': '*',
    'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset',
    connection: 'close',
    'content-encoding': 'gzip',
    'content-security-policy': "default-src 'none'",
    'content-type': 'application/json; charset=utf-8',
    date: 'Wed, 17 Aug 2022 11:05:14 GMT',
    'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
    server: 'GitHub.com',
    'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',
    'transfer-encoding': 'chunked',
    vary: 'Accept-Encoding, Accept, X-Requested-With',
    'x-content-type-options': 'nosniff',
    'x-frame-options': 'deny',
    'x-github-media-type': 'github.v3; format=json',
    'x-github-request-id': '07C5:4A96:2DC42FB:2F229FE:62FCCB6A',
    'x-ratelimit-limit': '1000',
    'x-ratelimit-remaining': '970',
    'x-ratelimit-reset': '1660735565',
    'x-ratelimit-resource': 'core',
    'x-ratelimit-used': '30',
    'x-xss-protection': '0'
  },
  request: {
    method: 'PATCH',
    url: 'https://api.github.com/repos/uyuni-project/uyuni/issues/5760',
    headers: {
      accept: 'application/vnd.github.v3+json',
      'user-agent': 'octokit.js/16.28.9 Node.js/12.22.7 (Linux 5.15; x64)',
      authorization: 'token [REDACTED]',
      'content-type': 'application/json; charset=utf-8'
    },
    body: '{"labels":["java","java_lint_checkstyle","java_pgsql_tests","API","old-ui","needs-translation"]}',
    request: { hook: [Function: bound bound register], validate: [Object] }
  },
  documentation_url: 'https://docs.github.com/rest/reference/issues#update-an-issue'
}

action run on a fork: https://github.com/uyuni-project/uyuni/runs/7877178806?check_suite_focus=true action run on a branch: https://github.com/uyuni-project/uyuni/runs/7877202585?check_suite_focus=true

Is there a problem with running from a fork¿

thanks

prein commented 2 years ago

It's a known issue (worth mentioning in the README perhaps?) it doesn't work on forks (https://github.com/orgs/community/discussions/25937#discussioncomment-3249747)

I'm getting the same 403 on a non-fork private repo though when I don't include the issues: write permission which may also be worth documenting