deep5050 / cppcheck-action

A github action to perform C/C++ security checks automatically
MIT License

Action doesn't execute on PR #48

Open xerxesb opened 3 years ago

xerxesb commented 3 years ago

I have added this cppcheck action to one of my workflows, and I've noticed that the job executes on push, but it doesn't execute on pull request. In both cases it's the exact same job: one runs, the other doesn't.

My job definition:

cppcheck_analysis:
  runs-on: ubuntu-18.04

  steps:
  - name: Checkout
    uses: actions/checkout@v2
    with:
      fetch-depth: 0

  - name: cppcheck
    uses: deep5050/cppcheck-action@v3.0
    with:
      github_token: ${{ secrets.GITHUB_TOKEN }}
      platform: 'unix64'
      std: 'c++14'
      output_file: cppcheck_report.txt

When the job executes as part of a push, I get the full output and everything works.

When the job executes as part of a pull_request I only get the following in the log:

[group]Run deep5050/cppcheck-action@v3.0

with:
  github_token: ***
  platform: unix64
  std: c++14
  output_file: cppcheck_report.txt
  check_library: disable
  skip_preprocessor: disable
  enable: all
  exclude_check: disable
  inconclusive: enable
  inline_suppression: disable
  force_language: disable
  force: disable
  max_ctu_depth: disable
  other_options: disable
env:
  BUILD_TYPE: Release

[endgroup]

[command]/usr/bin/docker run --name a33c132b95d7e10cf45b2a9e9d9ead91e9eeb_dab94e --label 8a33c1 --workdir /github/workspace --rm -e BUILD_TYPE -e INPUT_GITHUB_TOKEN -e INPUT_PLATFORM -e INPUT_STD -e INPUT_OUTPUT_FILE -e INPUT_CHECK_LIBRARY -e INPUT_SKIP_PREPROCESSOR -e INPUT_ENABLE -e INPUT_EXCLUDE_CHECK -e INPUT_INCONCLUSIVE -e INPUT_INLINE_SUPPRESSION -e INPUT_FORCE_LANGUAGE -e INPUT_FORCE -e INPUT_MAX_CTU_DEPTH -e INPUT_TARGET_BRANCH -e INPUT_OTHER_OPTIONS -e INPUT_PULL_REQUEST_BRANCH -e INPUT_TARGET_REPOSITORY -e INPUT_PULL_REQUEST_REPOSITORY -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/PVP/PVP":"/github/workspace" 8a33c1:32b95d7e10cf45b2a9e9d9ead91e9eeb

Post job cleanup.
[command]/usr/bin/git version
git version 2.31.1
[command]/usr/bin/git config --local --name-only --get-regexp core.sshCommand
[command]/usr/bin/git submodule foreach --recursive git config --local --name-only --get-regexp 'core.sshCommand' && git config --local --unset-all 'core.sshCommand' || :
[command]/usr/bin/git config --local --name-only --get-regexp http.https\:\/\/github.com\/.extraheader
http.https://github.com/.extraheader
[command]/usr/bin/git config --local --unset-all http.https://github.com/.extraheader
[command]/usr/bin/git submodule foreach --recursive git config --local --name-only --get-regexp 'http.https\:\/\/github.com\/.extraheader' && git config --local --unset-all 'http.https://github.com/.extraheader' || :
Uploading runner diagnostic logs
Completed runner diagnostic log upload
Cleaning up orphan processes

I would imagine this is a bug? There shouldn't be a reason why it runs on commit but not on PR?

github-actions[bot] commented 3 years ago

Hi, @xerxesb, Thanks for your contribution :blue_heart: . Contributors :people_holding_hands: like you make the open source community :earth_africa: such an amazing place to learn :book: , inspire :angel:, and create :art: . We will investigate :eyes: and get back to you as soon as possible :+1: . Just make sure you have given us sufficient information :information_source:.

By that time enjoy this meme :point_down: , hope you like it :smile:


Use this action on your projects. Use jokes on issues instead.

deep5050 commented 3 years ago

Unfortunately, this action does not work on PRs, as it does not have the write permission to write the report back on the pull request's codebase. I'm working on a bot that overcomes this. Stay tuned for it.

xerxesb commented 3 years ago

Thanks. Appreciate if you could drop a comment in this issue when it's available!

deep5050 commented 3 years ago

yeah sure :)

M1cha commented 3 years ago

The check is still fundamentally wrong though, because (especially with organization repositories) the source branch might be in the same repo as the destination branch. On top of that, the action can still be useful without writing a report: just failing the status check to prevent merging when branch protection is enabled is good enough. Also, it's not the action's task to do such a check; the user of the action is the only person who can know whether the provided token works on the repo or not, and should enable or disable the action using if:.

IMO you should just remove the check without changing anything else.

ikerexxe commented 2 years ago

What's the status of this issue? It's been some time since the last update and I was wondering if some work has been done in the meanwhile.

chmorgan commented 2 years ago

I forked over at https://github.com/chmorgan/cppcheck-action and removed this check. Any help would be appreciated!

kwaremburg360 commented 1 year ago

I'm not a GHA expert, but rather than committing the report, you could:

  1. Attach it as an artifact to the build.
  2. cat the report to the build log so it can be viewed there.
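The following workflow is an added example, not code from the cppcheck-action project or from anyone in this thread. It puts together the two suggestions above (attach the report as an artifact, print it to the build log) and M1cha's point that failing the status check is enough to block a merge, so nothing has to be written back to the pull request branch and the read-only GITHUB_TOKEN a forked PR receives is sufficient. It assumes a Ubuntu runner with the distribution cppcheck package and that the sources live under src/; the flags mirror the job in the original post but call cppcheck directly instead of going through the action.

```yaml
name: cppcheck

on:
  push:
    branches: [main]
  pull_request:

# Read access is all this workflow needs: the report is never committed,
# so the token's write permission (absent on forked PRs) is irrelevant.
permissions:
  contents: read

jobs:
  cppcheck_analysis:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Install cppcheck
        run: sudo apt-get update && sudo apt-get install -y cppcheck

      # Same platform/std/enable settings as the job in the original post.
      # --error-exitcode=1 makes this step fail whenever cppcheck reports
      # a finding, which fails the status check and lets branch protection
      # block the merge without any report being written to the branch.
      - name: Run cppcheck
        run: |
          cppcheck --enable=all --inconclusive \
                   --platform=unix64 --std=c++14 \
                   --error-exitcode=1 \
                   --output-file=cppcheck_report.txt \
                   src/        # assumption: sources live under src/

      # if: always() keeps these two steps running after a failing scan,
      # so the findings that caused the failure are still visible.
      - name: Show report in the build log
        if: always()
        run: cat cppcheck_report.txt

      - name: Attach report as a build artifact
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: cppcheck-report
          path: cppcheck_report.txt
```

If a step that does write back to the branch is wanted, it is the workflow author, not the action, who knows whether the token can write there; gate that single step with a condition such as `if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository` and grant `contents: write` only to the job that needs it, leaving the scan itself to run on every push and pull request.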