You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
##[debug]Evaluating condition for step: 'Run wow-actions/welcome@v1'##[debug]Evaluating: success()##[debug]Evaluating success:##[debug]=> true##[debug]Result: true##[debug]Starting: Run wow-actions/welcome@v1##[debug]Loading inputs##[debug]Evaluating: secrets.GITHUB_TOKEN##[debug]Evaluating Index:##[debug]..Evaluating secrets:##[debug]..=> Object##[debug]..Evaluating String:##[debug]..=> 'GITHUB_TOKEN'##[debug]=> '***'##[debug]Result: '***'##[debug]Loading env
Run wow-actions/welcome@v1
with:
GITHUB_TOKEN: *** FIRST_PR_MERGED: #### :sparkles: :tada: **AWESOME!** :tada: :sparkles:
Hi @{{ author }},
Thanks for this pull request and for contributing to the code-base for the first time. We are looking forward to more contributions from you in the future.
Cheers & happy contributing!
##[debug]event: pull_request##[debug]action: closed
Error: HttpError: Resource not accessible by integration
Error: Resource not accessible by integration
##[debug]Node Action run completed with exit code 1##[debug]Finishing: Run wow-actions/welcome@v1
Additional Context
We have set up the workflow as recommended in the docs for the workflow.
Your Environment
GitHub Actions on Ubuntu 20.04
The text was updated successfully, but these errors were encountered:
Hi folks, I just ran into this one as well. I think this comes from the changes that where made going from pull_request to pull_request_target, with these differences in the new triggers:
pull_request
Runs in the context of the pull_request source, so the repo that has the changes. These incoming changes might have security issues, and therefor have less authorizations: e.g. they are not allowed to write to the PR (that could potentially lead to approving the PR for example :-) ), or write to the .github/worfklows folder.
This also prevents access to any secrets that might be in the repo, as that could lead to secrets being leaked to anyone sending in a PR
pull_request_target
This setup now has full access to the repos, so it can write to PR's, has access to secrets, etc.
Next step
I'm not sure how we can create comments on the PR, without running on pull_request_target (which I do not recommend for all the security reasons above).
We are seeing a "Resource not accessible by integration" when this is run. Here is our workflow file: https://github.com/freeCodeCamp/freeCodeCamp/actions/runs/2503722663/workflow
Expected Behavior
The workflow should leave a comment on the PR by a first-timer.
Current Behavior
The workflow runs error out.
Possible Solution
Not sure how to approach debugging this better.
Steps To Reproduce
Here is a run with debug logs enabled to help analyze the issue: https://github.com/freeCodeCamp/freeCodeCamp/runs/6906136489?check_suite_focus=true#step:2:31
Error Message & Stack Trace
Additional Context
We have set up the workflow as recommended in the docs for the workflow.
Your Environment
GitHub Actions on Ubuntu 20.04
The text was updated successfully, but these errors were encountered: