search

sidx1024 / report-nyc-coverage-github-action

GitHub Action that posts the report in a comment on a GitHub Pull Request from coverage data generated by nyc (istanbul)
MIT License
21 stars 10 forks source link

A mandatory permission is missing from the documentation #40

Open MBelangerB opened 1 year ago

MBelangerB commented 1 year ago

With your "Typical Usage" example, I got the following error.

/usr/bin/git diff --name-only --diff-filter=ACMRT origin/rework/syncPattern...32c41d0b5f2a8f8e8a80d95a3153662c383df78d .github/workflows/Test module.yml Error: HttpError: Resource not accessible by integration at /home/runner/work/_actions/sidx1024/report-nyc-coverage-github-action/v1.2.7/dist/index.js:5463:21 at processTicksAndRejections (node:internal/process/task_queues:96:5) at async run (/home/runner/work/_actions/sidx1024/report-nyc-coverage-github-action/v1.2.7/dist/index.js:1[14](https://github.com/MBelangerB/RiotModule/actions/runs/5171112701/jobs/9314450935#step:8:15)07:5)

After some trial and error, I finally realized that the problem was that I didn't have the permissions to write in my PR.

I added this to my workflow.

on: [pull_request]

# To be able to write in the PR, we need write permission. 
permissions:
   pull-requests: write

{...}

jobs:
  build:

I think it would be a good idea to add it to your example.

JoernBerkefeld commented 1 year ago

i actually got a similar error but only on dependabot PRs - will try your solution

JoernBerkefeld commented 1 year ago

the reason why behind permissions: pull-requests:write are actually explained in the dependabot docs: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#changing-github_token-permissions

JoernBerkefeld commented 1 year ago

i just updated my workflows with the suggested change and can confirm that workflows run by dependabot no longer fail

permissions:
   pull-requests: write