search

trilom / file-changes-action

This action can be added, and you will get outputs of all of the files that have changed in your repository for you to use.
MIT License
167 stars 48 forks source link

Warn about necessary permission #129

Open peterbe opened 2 years ago

peterbe commented 2 years ago

Is your feature request related to a problem? Please describe.

I encountered this error:

Screen Shot 2021-12-08 at 1 31 06 PM

Cryptic! Turns out, the solution was this:

diff --git a/.github/workflows/link-check-all.yml b/.github/workflows/link-check-all.yml
index 510685a690a56..7c40cf65f5791 100644
--- a/.github/workflows/link-check-all.yml
+++ b/.github/workflows/link-check-all.yml
@@ -13,6 +13,8 @@ on:

 permissions:
   contents: read
+  # Needed for the 'trilom/file-changes-action' action
+  pull-requests: read

 jobs:
   build:

Describe the solution you'd like

It took me too long to figure that out. I'm still getting used to setting permissions on my workflows. Perhaps we can add this to the README or even possibly something like this:

  } catch (error) {
+  if (error.name === 'HttpError' && +error.status === 403) {
+    console.warn("Make sure your workflow as the 'pull-requests: read' permission.")
+}
    const eString = `There was an error getting change files for repo:${repo} owner:${owner} pr:${pullNumber}`
    let ePayload: string
    if (error.name === 'HttpError' && +error.status === 404)

Describe alternatives you've considered

n/a

Additional context

If it wasn't clear I'm suggesting any/either:

john-jerome commented 2 years ago

Hey @peterbe, if I understand correctly, adding read permissions on pull-request was the only change you applied to make it work?

I've added the permissions block to my workflow but the issue still persists.

permissions:
  contents: read
  # Needed for the 'trilom/file-changes-action' action
  pull-requests: read
peterbe commented 2 years ago

@john-jerome Don't know what it could be. I confirmed that this is all I have:

permissions:
  contents: read
  # Needed for the 'trilom/file-changes-action' action
  pull-requests: read

and I'm able to use trilom/file-changes-action@a6ca26c14274c33b15e6499323aac178af06ad4b in that Workflow.

But this action depends on the implicit GITHUB_TOKEN which is automatically made available in most contexts. See https://github.com/trilom/file-changes-action/blob/a6ca26c14274c33b15e6499323aac178af06ad4b/src/InputHelper.ts#L15

Perhaps whatever is running your workflow doesn't have access to GITHUB_TOKEN.