Action fails with HttpError: Not Found in v1.3.3 and v2

[vpicone]

Bug Report

• SVGO Action version: 1.3.3 and v2

• On: pull_request

Description

In v1.3.3, action fails with error: action failed with error 'HttpError: Not Found'

In v2, the error is slightly more specific:

Run ericcornelissen/svgo-action@next
Using SVGO major version 2
(node:1592) UnhandledPromiseRejectionWarning: HttpError: Not Found
    at /home/runner/work/_actions/ericcornelissen/svgo-action/next/lib/index.js:1:75590
    at processTicksAndRejections (internal/process/task_queues.js:93:5)
(node:1592) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 3)
(node:1592) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

Failed runs

v1.3.3: https://github.com/carbon-design-system/design-language-website/runs/2440834523
v2: https://github.com/carbon-design-system/design-language-website/pull/937/checks?check_run_id=2440879827

Let me know if I can provide any more context or try some things out!

[ericcornelissen]

Thanks for the report @vpicone. It seems the error is due to the fact that the Pull Requests come from a fork. Unfortunately for us, GitHub has put restrictions on the capabilities of Actions in the context of a fork for security.

I'm working v2 in an attempt to find a solution for this exact problem, but I can't guarantee it will work. I'll be sure to let you know if I find a way to make this Action work on Pull Requests from forks!

In the meanwhile, If you want to help out, you can try configuring the Action with a Personal Access Token of a user that has write access to the target repository. In v1 you may be able to do that by providing the PAT for the repo-token input of the Action, not sure though... As for v2, I first need to figure out where exactly the error is originating.

[vpicone]

@ericcornelissen

Ahh!! That makes so much sense. Looking at the Calibre image processing action, they include a disclaimer for this exact issue. I wonder if it would be helpful to include a similar disclaimer so folks don't bang their head on their keyboard for 6 hours like I did haha.

[ericcornelissen]

Fair enough, this Action already gives you a more descriptive error if you try to use the pull_request_target trigger, but I agree that this is easy to miss and many people will be using pull_request instead. I will add a disclaimer similar to the README as soon as possible 👍

[vpicone]

@ericcornelissen right on thank you. I'll close this out since it's already on your v2 radar.

[ericcornelissen]

Quick update: I was not able to get v1 working with Pull Requests from forks using a Personal Access Token (even though the disclaimer you mentioned suggested to me this is possible, from calibreapp/image-actions#53 it seems that it would require a PAT on the fork which I didn't try and is not a solution that would be suitable to me). With that in mind I will add a disclaimer to the README that forks are not supported.

Regarding v2, still need to do some further digging. Seems it was caused by the check built into the Action to skip the run based on Pull Request comments. In the context of a Pull Request from a fork the Action does not have the right permissions to get these comments and hence you get the error you reported. I'm changing the course of the development of (at least the initial) v2 release to be as minimal as possible. That said, I'm becoming less and less certain that there's any hope optimizing SVGs in Pull Request from forks can be supported in a nicer way than what you linked before 😞