Get the 403 resource not accessible error in a reusable workflow action
lindseysimple opened this issue · 3 comments
lindseysimple commented
Define the action-eslint
action in a callee reusable workflow as below:
jobs:
eslint:
runs-on: ubuntu-latest
env:
NODE_VERSION: 16
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: ${{ env.NODE_VERSION }}
- name: Install dependencies
run: npm ci
- uses: reviewdog/action-eslint@v1
with:
fail_on_error: true
eslint_flags: 'src/'
Will get the following error on the caller workflow:
eslint version:v8.19.0
Running eslint with reviewdog 🐶 ...
reviewdog: GET https://api.github.com/repos/<org>/<repo>/pulls/38/comments?per_page=100: 403 Resource not accessible by integration []
Error: Process completed with exit code 1.
If not using the reusable workflow, it works on the repository which triggers the github action.
zirkelc commented
Same issue here. Were you able to solve it?
zirkelc commented
Adding the persmissions on workflow level solved the issue for me:
permissions:
checks: write
contents: write
issues: write
pull-requests: write
hlascelles commented
NB Always use least privilege. Don't give any tasks/jobs/people any more permissions than they need.
You should just be able to use:
permissions:
checks: write
contents: read
pull-requests: read