search

launchdarkly / find-code-references-in-pull-request

Find Code Reference Flags in Pull Requests
https://docs.launchdarkly.com/home/code/code-references
Apache License 2.0
7 stars 2 forks source link

"`repo-token` lacks required permissions" #102

Open thangeshbabu opened 8 months ago

thangeshbabu commented 8 months ago

I am trying to use this action in Github Enterprise using Self Hosted Runner. No matter what permission I assign, job keeps failing with error "repo-token lacks required permissions"

Debug Log - Permissions :

##[group]GITHUB_TOKEN Permissions
2024-03-07T15:40:25.2941943Z Actions: write
2024-03-07T15:40:25.2942376Z Checks: write
2024-03-07T15:40:25.2942842Z Contents: write
2024-03-07T15:40:25.2943416Z Deployments: write
2024-03-07T15:40:25.2943860Z Discussions: write
2024-03-07T15:40:25.2944383Z Issues: write
2024-03-07T15:40:25.2944841Z Metadata: read
2024-03-07T15:40:25.2945333Z Packages: write
2024-03-07T15:40:25.2946107Z Pages: write
2024-03-07T15:40:25.2946601Z PullRequests: write
2024-03-07T15:40:25.2947416Z RepositoryProjects: write
2024-03-07T15:40:25.2947944Z SecurityEvents: write
2024-03-07T15:40:25.2948453Z Statuses: write

my github workflow yaml:

on: pull_request
permissions: write-all
jobs:
  find-flags:
    runs-on: self-hosted
    name: Find LaunchDarkly feature flags in diff
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Find flags
        uses: launchdarkly/find-code-references-in-pull-request@v1.2.0
        id: find-flags
        with:
          project-key: <project-key>
          environment-key: dev
          access-token: ${{ secrets.LD_ACCESS_TOKEN }}
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          create-flag-links: true
      - name: Add label
        if: steps.find-flags.outputs.any-changed == 'true'
        run: gh pr edit $PR_NUMBER --add-label ld-flags
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
      - name: Remove label
        if: steps.find-flags.outputs.any-changed == 'false'
        run: gh pr edit $PR_NUMBER --remove-label ld-flags
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
jazanne commented 8 months ago

@thangeshbabu Sorry you're seeing issues with the action. Can you share more information about which step(s) are failing with the repo token permissions error?

thangeshbabu commented 8 months ago

@jazanne thanks for responding, It is failing on "Find Flags" Step and below is the SS of error I am facing. image

jazanne commented 7 months ago

@thangeshbabu Since you are an enterprise account, can you check that your organizations permission settings are correct? I'm unable to reproduce this issue

matthieulabbe commented 3 weeks ago

I think I have the same issue. Log with debug logging:

Preprocessing diffs...
  ##[debug]Getting pull request diff...
  2024/10/25 03:50:06 `repo-token` lacks required permissions
  Error: `repo-token` lacks required permissions
  ##[debug]Docker Action run completed with exit code 1

I also have this warning:

This job failure may be caused by using an out of date self-hosted runner. You are currently using runner version 2.311.0. Please update to the latest version 2.314.1

@thangeshbabu Were you able to get this to work in Github Enterprise using a Self Hosted Runner?

thangeshbabu commented 3 weeks ago

Nope @matthieulabbe

Now it is evident that it is a common problem not specific to my organization. Anyway LaunchDarkly team can help us on this @jazanne ?