lucassabreu
commented
6 months ago hi @timnolte can link the workflow or copy and paste it here for me to look into it?
Closed timnolte closed 6 months ago
lucassabreu
commented
6 months ago hi @timnolte can link the workflow or copy and paste it here for me to look into it?
timnolte
commented
6 months ago Here is the workflow:
https://github.com/oidc-wp/openid-connect-generic/blob/develop/.github/workflows/pr-unit-testing.yml
Here is a recent failure on a PR from a fork:
https://github.com/oidc-wp/openid-connect-generic/actions/runs/8290877284/job/22689633198#step:7:1
samliu999
commented
6 months ago same issue here
lucassabreu
commented
6 months ago hi @samliu999 @timnolte
sadly this looks like a limitation that github puts on the default tokens, where workflows running on forks will only have read permissions.
because of that this error is thrown when the action tries to comment (write) on the pull request.
you can still see the report on the step summary, and min/max rules will still affect the pull request. https://github.com/oidc-wp/openid-connect-generic/actions/runs/8290877284#summary-22689633198
if you really need the comment, then you could use a PAT, but that become a risk because of the repo access that is required to comment.
i tried to explain this here (i would appreciate if y'all reviewed the text):
i also added a new option on the action called skip-comments-on-forks so it won't even try to comment if set to true.
timnolte
commented
6 months ago Ah, OK, I sort of suspected that this could be related to GitHub permissions and requiring the use of a PAT. I like the idea of having the skip on forks option. This would allow us to keep the action in place and still get some value out of it. I was wanting to reduce the need for external services so was going to drop considering the use of CodeCov.
lucassabreu
commented
6 months ago i created a new release with the changes, if you spot some problem or anything reach again
When people open up Pull Requests from a fork my unit testing step fails with the following error. Pull requests opened from branches within the same repository work fine.