Permissions are not documented

ppremk / lfs-warning

GitHub Action to detect Large Files in a Pull Request

MIT License

34 stars 22 forks source link

Permissions are not documented #147

Open AlekSi opened 2 years ago

AlekSi commented 2 years ago

Is your feature request related to a problem? Please describe.

I tried to use lfs-warnings for pull_request events from forks of a public repo. I got "Resource not accessible by integration" error. PR in question: https://github.com/FerretDB/FerretDB/pull/1371

Describe the solution you'd like

lfs-warnings should document what permissions it needs.

ianlewis commented 1 year ago

The action tries to create the PR label if it doesn't exist already. PRs don't have access to do do that. https://github.com/ActionsDesk/lfs-warning/blob/e5f9a4c21f4bee104db7c0f23954dde59e5df909/src/index.ts#L163-L169

You can work around this error by pre-creating the label manually.

AlekSi commented 1 year ago

I created use-git-lfs label: https://github.com/FerretDB/FerretDB/labels I configured lfs-warning to use it: https://github.com/FerretDB/FerretDB/blob/cd52bc76204357a615dc8a896e54c92bf2b3ebb1/.github/workflows/docs.yml#L41-L47 I created test PR: https://github.com/FerretDB/FerretDB/pull/1797 It still fails with the same error message: https://github.com/FerretDB/FerretDB/actions/runs/3914014480/jobs/6690585846

I guess it fails later while trying to add a label and comment to PR. That functionality is also not available to PRs from forks. But at least it produces a file list, even if the last error message is confusing.

Young-Lord commented 9 months ago

Maybe pull_request_target is the only solution. See official docs, it says This event allows your workflow to do things like label or comment on pull requests from forks.

mahor1221 commented 5 months ago

I fixed the error by adding the pull-requests: write permission:

jobs:
  check:
    name: Check
    runs-on: ubuntu-latest
    permissions:
      # required for ppremk/lfs-warning
      pull-requests: write
    steps:
      ...

aabrown100-git commented 1 week ago

Hi authors @AlekSi, thanks so much for developing this great tool. I am working on a public repository and have tried to integrate your tool into our testing framework. I keep getting the same error discussed above: Error: Resource not accessible by integration. I've tried the solutions discussed above, but haven't been able to figure it out. Could you advise how to solve this error? The PR can be found here.