romeovs / lcov-reporter-action

Comments a pull request with the code coverage generated by your tests.
MIT License
161 stars 99 forks source link

Get 403 RequestError when others create pull request #6

Open yinxin630 opened 4 years ago

yinxin630 commented 4 years ago

This problem occurred when someone else created a pull request, but there was no problem when I created it myself

Run romeovs/lcov-reporter-action@v0.2.16
RequestError [HttpError]: Resource not accessible by integration
    at /home/runner/work/_actions/romeovs/lcov-reporter-action/v0.2.16/dist/main.js:6018:23
    at processTicksAndRejections (internal/process/task_queues.js:93:5)
    at async main$1 (/home/runner/work/_actions/romeovs/lcov-reporter-action/v0.2.16/dist/main.js:22911:2) {
  name: 'HttpError',
  status: 403,
  request: {
    method: 'POST',
    url: 'https://api.github.com/repos/yinxin630/fiora/issues/229/comments',
    headers: {
      accept: 'application/vnd.github.v3+json',
      'user-agent': 'octokit.js/16.35.0 Node.js/12.13.1 (Linux 5.4; x64)',
      authorization: 'token [REDACTED]',
      'content-type': 'application/json; charset=utf-8'
    },
    body: `...`
  }
merlinstardust commented 1 year ago

I'm seeing this happen and I'm the one who created the repo and Pull Request

https://github.com/merlinstardust/coverage-zero-vitest-example/pull/1

https://github.com/merlinstardust/coverage-zero-vitest-example/actions/runs/5384604824/jobs/9772900127#step:9:27

merlinstardust commented 1 year ago

Found a fix by adding permissions: write-all to the specific job`

jameslan commented 2 months ago

Found a fix by adding permissions: write-all to the specific job`

When you create a PR in your own repo, the job permission only needs pull-requests to add comments:

permissions:
  pull-requests: write

If the PR is created by someone else, 403 error is returned with message

Resource not accessible by integration