Action fails when PR is submitted from a fork and a misspelled word is detected #4
Description
When a PR is submitted from a fork, the GitHub access token provided by ${{ secrets.GITHUB_TOKEN}} is downgraded to read-only. This causes the attempt to comment on the PR to fail:
Traceback (most recent call last):
File "/entrypoint.py", line 91, in <module>
main()
File "/entrypoint.py", line 86, in main
comment_pr(fixes, conf, gh_token)
File "/entrypoint.py", line 57, in comment_pr
pr.create_issue_comment(body=body)
File "/usr/local/lib/python3.7/site-packages/github/PullRequest.py", line 420, in create_issue_comment
"POST", self.issue_url + "/comments", input=post_parameters
File "/usr/local/lib/python3.7/site-packages/github/Requester.py", line 322, in requestJsonAndCheck
verb, url, parameters, headers, input, self.__customConnection(url)
File "/usr/local/lib/python3.7/site-packages/github/Requester.py", line 345, in __check
raise self.__createException(status, responseHeaders, output)
github.GithubException.GithubException: 403 {"message": "Resource not accessible by integration", "documentation_url": "https://developer.github.com/v3/issues/comments/#create-a-comment"}
This has been discussed at actions/labeler#12.
The only workaround I've found is running the action from a scheduled workflow, as they started out to do in the actions/labeler action (actions/labeler@375fca6). However, as they realized, it's not so simple as just changing a couple lines in the workflow configuration. The action code likely needs significant reworking as well. I did manage to get this working in an action I wrote.