dart-package-analyzer icon indicating copy to clipboard operation
dart-package-analyzer copied to clipboard

Published 20 hours ago verified publisher icon axel-op

No report on pull requests from forks

Open axel-op opened this issue 5 years ago • 7 comments

Description

When the action is triggered by the pull_request event, if the pull request is from a different repository (a fork), the action fails with the error "Resource not accessible by integration".

EDIT: this behavior has changed. See the comment below.

Why is this happening

This action uses the GITHUB_TOKEN you provide to call the GitHub API and to post the result of its analysis. As explained here, here, or here, GitHub for now reduces the permissions of this token when the action is triggered by another repository. Therefore an error is thrown when this action tries to call the API in this situation.

Permissions for the GITHUB_TOKEN

Current workaround

A possible workaround is to edit your workflow to trigger this action only when pull requests come from the same repository. This can be done by adding an if-condition, as illustrated below:

name: Example workflow
on: [push, pull_request]

jobs:

  package-analysis:
    if: github.event_name != 'pull_request' || github.actor == '[username]' # Replace [username] by the username of your repo
    runs-on: ubuntu-latest
    steps:
      - ...

I will update this issue if there is new information on this.

axel-op avatar Jan 09 '20 15:01 axel-op

I edited the code so that this action won't fail anymore on this error. The report will now be skipped if it cannot be posted. ~~This action will fail if a compilation error or a static error is detected by the analyzer.~~ The outputs of this action will still be set.

axel-op avatar Feb 03 '20 04:02 axel-op

The report will now be skipped if it cannot be posted.

Any chance the report could be printed directly to the standard ouptut in that case? Otherwise, if there's a failure later in the pipeline (e.g. our CI fails if the score decreases) we can't see what's wrong.

vaind avatar Feb 19 '21 10:02 vaind

Hello @vaind, you can still see the original raw JSON report in the logs, along with the values of the outputs. Is this what you want?

image image

axel-op avatar Feb 19 '21 11:02 axel-op

Totally missed that, all good then

vaind avatar Feb 19 '21 11:02 vaind

For cases like this, is there any way the raw json from the job logs can be captured and turned into a report or downloadable job artifact? Having to hunt through the logs to see the analysis in these cases is a bit tedious.

GroovinChip avatar Apr 17 '21 23:04 GroovinChip

For cases like this, is there any way the raw json from the job logs can be captured and turned into a report or downloadable job artifact? Having to hunt through the logs to see the analysis in these cases is a bit tedious.

Hi @GroovinChip, could you please create a separate issue for this ? :)

axel-op avatar Apr 19 '21 19:04 axel-op

For cases like this, is there any way the raw json from the job logs can be captured and turned into a report or downloadable job artifact? Having to hunt through the logs to see the analysis in these cases is a bit tedious.

Hi @GroovinChip, could you please create a separate issue for this ? :)

Done

GroovinChip avatar Apr 19 '21 20:04 GroovinChip