danger Action fails on POST

[jaymzh]

Report

What did you do?

Use the GH action thusly:

  danger:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write
    steps:
      - uses: actions/checkout@v2
      - uses: danger/danger@master
        env:
          DANGER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}

What did you expect to happen?

It to work.

Note that if I do a "bundle exec danger" instead, it logs the problems to the log (but cannot write a comment to the PR), which is not optimal, but at least is useful. With the Action it just fails to run.

What happened instead?

bundler: failed to load command: danger (/usr/local/bundle/bin/danger)
/usr/local/bundle/gems/octokit-7.2.0/lib/octokit/response/raise_error.rb:14:in `on_complete': POST https://api.github.com/repos/chef/chef/issues/13976/comments: 403 - Resource not accessible by integration // See: https://docs.github.com/rest/issues/comments#create-an-issue-comment (Octokit::Forbidden)

Your Environment

• Which CI are you running on? GH Actions
• Are you running the latest version of Danger? Yes
• What is your Dangerfile?

# Enforce our Gemfile update policy
if git.modified_files.include?('Gemfile.lock')
  if git.modified_files.include?('Gemfile')
    message "PR updates Gemfile.lock, but it also updates Gemfile, so that" +
      " is probably OK - but the reviewer should check updates are soley" +
      " from the Gemfile update"
  elsif !github.pr_body.include?('--conservative')
    if github.pr_body.include?("#gemlock_major_upgrade")
      message "PR updates Gemfile.lock, but output doesn't appear to be in" +
          " the PR Description. However #gemlock_major_upgrade does, so allowing"
    else
      failure "Gem/Bundle changes were not documented in the Description. If" +
        " this is a major update, add #gemlock_major_upgrade to the PR"
        " Description."
    end
  end
end

[orta]

Hey there, I don't think we support Danger being used as an action ( https://github.com/marketplace?category=&type=actions&verification=&query=danger ) maybe it's github guessing what to do and getting it wrong?

I know there are some people using docker, but I have no idea how all that works

[jaymzh]

Uh, what? Your code and your docs disagree with you:

danger/lib/danger/ci_source/github_actions.rb

Line 4 in d9fff7c

# ### CI Setup

The danger.system website says your support is and pulls from there for the how to.

[andrelaszlo]

Are you using bundler-cache: true in your workflow? Try "clearing" the cache by setting/incrementing cache-version. See setup-ruby: Dealing with a corrupted cache.

[jaymzh]

No, we are not (well, we don't specify, and my understanding is the default is false)

[andrelaszlo]

Ok! Got the same error and the above fix worked - perhaps it could give a clue anyway.

[jaymzh]

... there's no setup-ruby step required when using the built-in Action, it handles that itself. As I said, see:

danger/lib/danger/ci_source/github_actions.rb

Line 4 in d9fff7c

# ### CI Setup