Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[BUG] Github Actions: Resource Not Available to Integration

See original GitHub issue

Describe the bug In DangerJS lately, I’ve been getting 403 errors when it’s trying to fetch the previous comments, so it’s constantly duplicating the danger message.

Actions Log Output

$ /github/workspace/node_modules/.bin/danger ci --id main --dangerfile ./scripts/danger/main.ts
:+1: Jest tests passed

Main Dangerfile Loaded

{
  fails: { numEntries: 0, sumNumChars: 0 },
  warnings: { numEntries: 0, sumNumChars: 0 },
  messages: { numEntries: 1, sumNumChars: 123 },
  markdowns: { numEntries: 0, sumNumChars: 0 }
}

{ spacePerMessage: 64987, shortenedSpacePerMessage: 64984 }
Found only messages, passing those to review.
Request failed [403]: https://api.github.com/user
Response: {
  "message": "Resource not accessible by integration",
  "documentation_url": "https://developer.github.com/v3/users/#get-the-authenticated-user"
}
Request failed [403]: https://api.github.com/user
Response: {
  "message": "Resource not accessible by integration",
  "documentation_url": "https://developer.github.com/v3/users/#get-the-authenticated-user"
}
Feedback: https://github.com/taskrabbit/tr_client/pull/1345#issuecomment-611692062

To Reproduce

Steps to reproduce the behavior:

Configure DangerJS to run in Github Actions using the default token
I assume let Github change some semantics
Notice comments start duplicating

Speculation: this might also be affected by a long-running PR that had many comments, but my testing suggests that this isn’t actually in play here 😕

Expected behavior

Since I’ve configured danger to update the same comment in place, it should be able to do just that instead of duplicating comments.

Your Environment

software	version
danger.js	9.2.10, 9.4.x, 10.1.0
node	12.16.1
npm	6.13.4
Operating System	Github Actions (linux)

Additional context Add any other context about the problem here.

Issue Analytics

State:
Created 3 years ago
Reactions:2
Comments:24 (18 by maintainers)

Top GitHub Comments

3reactions

fbarthocommented, Jan 20, 2022

Hey folks! I resolved this two different ways in different repos.

Originally, it worked out with a a custom Personal Access Token – as described by @gabsmprocha, but in a new repo, we resolved it by giving the appropriate permissions in the workflow .yaml file:

permissions:
  actions: write
  checks: write
  contents: write
  # deployments: read
  issues: write
  pull-requests: write
  statuses: write

Note: your exact needed permissions depend on what exactly your Dangerfile tries to do!

Announcement for the Permissions Feature + Docs

Note: you’ll still see console log messages about 403 errors, as DangerJS doesn’t know what permissions a token has until it hits different APIs, so as an example, our repo sees two 403 errors in the logs on every danger run, but it succeeds at posting/updating comments, as well as marking commits as failed/or green.

I’m going to close this ticket, as there are 2 workarounds, and my original issue was a long while ago. If these workarounds don’t work for you, please file a new ticket with an updated description of exactly what you’re seeing + ideally a snippet of the Permissions you’ve attached to the custom token, or the Permissions you’ve applied to your workflow file!

0reactions

airtonixcommented, Jul 25, 2022

you can also use this page to help you correlate further details to give users to help them craft tokens with specific scopes:

https://docs.github.com/en/rest/overview/permissions-required-for-github-apps#permission-on-profile