Error: HttpError: Resource not accessible by integration

jwgmeligmeyling / spotbugs-github-action

Push SpotBugs results as check run annotations

MIT License

10 stars 13 forks source link

Error: HttpError: Resource not accessible by integration #30

Open fgdrf opened 3 years ago

fgdrf commented 3 years ago

I used spotbugs-githuib-action in udig-platform project worklow right after the maven build:

    - name: Run uDig product & sdk build (parallel)
      run: mvn install -B -Pproduct,sdk,test -DskipTests spotbugs:check --fail-at-end -T4
    - uses: jwgmeligmeyling/spotbugs-github-action@v1.2
      with:
        path: '**/spotbugsXml.xml'

spotbugsXml.xml are generated (checked locally) but I get http-errors. Proviously I testetd with version from master uses: jwgmeligmeyling/spotbugs-github-action@master but sometimes I got the same errors

see https://github.com/locationtech/udig-platform/pull/550/checks?check_run_id=3847205371#step:10:243

Any ideas whats going wrong?

fgdrf commented 3 years ago

btw on master with the same setup the build was fine, while it failed on pull request

jwgmeligmeyling commented 3 years ago

Was it an external pull request?

fgdrf commented 3 years ago

Was it an external pull request?

The pull has been created from a branch of a forked repository. I can check with another branch in the same repo, but this requires commit-access rights normally not everybody have

HTH

—

You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/jwgmeligmeyling/spotbugs-github-action/issues/30#issuecomment-939480603, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAE5JBMAPP4EOZXILICPEVLUGGGXBANCNFSM5FWINTEA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

fgdrf commented 3 years ago

@jwgmeligmeyling I can confirm that the build is fine if the branch to create the pull-request from is in the same repository (see https://github.com/locationtech/udig-platform/pull/554)

Anything we can do to allow pulls from external repositories?

jwgmeligmeyling commented 3 years ago

Try pull_request_target instead of pull_request as workflow event target.

We're struggling with this limitation in this repository as well. See; https://github.com/jwgmeligmeyling/spotbugs-github-action/pull/19#issuecomment-922533933

hypery2k commented 1 year ago

You can also try to add this to your GH workflow:

permissions:
   ...
  checks: write # needed for spotbugs

See here

More details can be found here: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github\_token

You could also add the checks permission in your action directly.