kopf
kopf copied to clipboard
nolar
GitHubActions: "Resource not accessible by integration" for Unit-tests
Example:
- https://github.com/nolar/kopf/pull/588/checks?check_run_id=1495706881
Run EnricoMi/[email protected]
/usr/bin/docker run --name b2a8c111414f8fac32ce59128e0a_4c4cc9 --label 179394 --workdir /github/workspace --rm -e pythonLocation -e LD_LIBRARY_PATH -e INPUT_GITHUB_TOKEN -e INPUT_COMMENT_ON_PR -e INPUT_FILES -e INPUT_CHECK_NAME -e INPUT_REPORT_INDIVIDUAL_RUNS -e INPUT_DEDUPLICATE_CLASSES_BY_FILE_NAME -e INPUT_HIDE_COMMENTS -e INPUT_LOG_LEVEL -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/kopf/kopf":"/github/workspace" 179394:1850b2a8c111414f8fac32ce59128e0a
2020-12-03 22:52:25 +0000 - publish-unit-test-results - INFO - reading junit.xml: ['junit.xml']
2020-12-03 22:52:25 +0000 - publish.publisher - INFO - publishing results for commit ca73376233896c12cde0a731670b8d6c7a87ab27
2020-12-03 22:52:26 +0000 - publish.publisher - INFO - creating check
Traceback (most recent call last):
File "/action/publish_unit_test_results.py", line 89, in <module>
main(settings)
File "/action/publish_unit_test_results.py", line 32, in main
Publisher(settings, gh).publish(stats, results.case_results)
File "/action/publish/publisher.py", line 59, in publish
check_run = self.publish_check(stats, cases)
File "/action/publish/publisher.py", line 163, in publish_check
output=output)
File "/action/githubext/Repository.py", line 78, in create_check_run
headers={'Accept': 'application/vnd.github.antiope-preview+json'},
File "/usr/local/lib/python3.6/site-packages/github/Requester.py", line 319, in requestJsonAndCheck
verb, url, parameters, headers, input, self.__customConnection(url)
File "/usr/local/lib/python3.6/site-packages/github/Requester.py", line 342, in __check
raise self.__createException(status, responseHeaders, output)
github.GithubException.GithubException: 403 {"message": "Resource not accessible by integration", "documentation_url": "https://docs.github.com/rest/reference/checks#create-a-check-run"}
It is either an issue in the action, or something with the GitHub API token setup — needs to be verified. Most likely to happen in all external PRs (PRs from forks, which by definition do not have access to the GitHub token).
Explained here: https://github.com/EnricoMi/publish-unit-test-result-action#support-fork-repositories
There is a special setup required for this action to work with forks.
Since I don't use these results (but rather check the logs), it is easier to drop the whole idea of JUnit results uploaded than to worry for security of tokens now.