Got warning message in CI pipeline

@akphi Just want to clarify that this error that you’re seeing in the logs is not because you’ve not installed Scanitizer. We just print this message (not a warning or error) in the logs in case the app is not present, and create a check run locally from the action. The users are free to use the action without getting any warnings/errors even if they don’t install Scanitizer.

Looks like the scanitizer app is not installed on the repo. Falling back to check run creation through GitHub actions app...
For a better experience with managing allowedlist, install Scanitizer app from https://github.com/apps/scanitizer.

You’re seeing this error because when the action creates a check run locally (for a better summary view), it’s not able to do so because your token doesn’t have enough permissions (because of the limitation that @ds-ms pointed about forked repos).

Now IMHO, I really think if what we should do is if the app is not installed, we don’t say anything about it in the CI build, even warning, because warning like this creates ambiguity and people might think they need to install the app. What do you think?

We were banking on the GitHub Action’s token for creating a check run if the app wasn’t installed. Based on the permissions listed here: https://docs.github.com/en/actions/reference/authentication-in-a-workflow#permissions-for-the-github_token it should have been able to do it, unless if yours is a forked repo. @shigupt202 perhaps we should make this error a little more verbose to point out that it was the ${{ github.token }} which lacked permissions to create a check-run