Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Recommended App permissions don't appear to be sufficient #180

Open
ewiner opened this issue Nov 11, 2022 · 0 comments
Open

Recommended App permissions don't appear to be sufficient #180

ewiner opened this issue Nov 11, 2022 · 0 comments
Assignees
@mszostok
Labels
bug Something isn't working

Comments

@ewiner
Copy link

ewiner commented Nov 11, 2022

Description

I created and installed a Github App as described in the docs, giving it only the "Members: Read" permission. But when running the action, I see this error:

Run mszostok/[email protected]
  with:
    checks: files,owners,duppatterns,syntax
    github_app_id: ***
    github_app_installation_id: ***
    github_app_private_key: ***
    github_base_url: ***
    repository_path: .
    owner_checker_repository: ***
    owner_checker_allow_unowned_patterns: true
    owner_checker_owners_must_be_teams: false
    not_owned_checker_trust_workspace: true
/usr/bin/docker run --name ghcriomszostokcodeownersvalidatorv074_7b39 --label 8d5581 --workdir /github/workspace --rm -e "INPUT_CHECKS" -e "INPUT_GITHUB_APP_ID" -e "INPUT_GITHUB_APP_INSTALLATION_ID" -e "INPUT_GITHUB_APP_PRIVATE_KEY" -e "INPUT_GITHUB_BASE_URL" -e "INPUT_GITHUB_ACCESS_TOKEN" -e "INPUT_GITHUB_UPLOAD_URL" -e "INPUT_EXPERIMENTAL_CHECKS" -e "INPUT_REPOSITORY_PATH" -e "INPUT_CHECK_FAILURE_LEVEL" -e "INPUT_NOT_OWNED_CHECKER_SKIP_PATTERNS" -e "INPUT_OWNER_CHECKER_REPOSITORY" -e "INPUT_OWNER_CHECKER_IGNORED_OWNERS" -e "INPUT_OWNER_CHECKER_ALLOW_UNOWNED_PATTERNS" -e "INPUT_OWNER_CHECKER_OWNERS_MUST_BE_TEAMS" -e "INPUT_NOT_OWNED_CHECKER_SUBDIRECTORIES" -e "INPUT_NOT_OWNED_CHECKER_TRUST_WORKSPACE" -e "ENVS_PREFIX" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/***/***":"/github/workspace" ghcr.io/mszostok/codeowners-validator:v0.4
time="2022-11:54:56Z" level=fatal msg="while checking if 'owners' checker is satisfied: repository *** not found, or it's private and token doesn't have enough permission"

Are there any other permissions required for the linter to run on my private repo? Here's what the App Installation page looks like:
image

I looked through the list of available permissions, and I didn't see an obvious candidate apart from full read access - is that what's necessary?
@ewiner ewiner added the bug Something isn't working label Nov 11, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mszostok mszostok

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ewiner @mszostok