https://infracost.io logo
#general
Title
# general
p

plain-ocean-92335

12/14/2021, 2:22 PM
Which Github Actions Permissions are required to make comment post work?
Copy code
Run infracost/actions/comment@v1
Run # handle multiple paths
Notice: Using paths: --path /tmp/infracost.json
Output saved to comment.md
Run infracost/compost-action@master
Detected GitHub Actions
  Platform: github
  Project: REDACTED
  Target type: pull-request
  Target ref: 392

Finding matching comments for tag `compost-comment`
Error: GraphqlResponseError: Request failed due to following response errors:
 - Resource not accessible by integration
this is what we have set:
Copy code
permissions:
      id-token: write
      contents: read
      discussions: write
c

crooked-daybreak-55253

12/14/2021, 2:31 PM
Great question! I will look into this and document but off the top of my head I would guess you also need
pull_request: write
or maybe
issues: write
. I don’t think
discussions: write
is needed.
p

plain-ocean-92335

12/14/2021, 2:32 PM
is contents: write required, since a tmp file is writte?
Copy code
id-token: write
      contents: read
      pull-requests: write
trying this now
seems like
pull-requests: write
did the trick. Thanks
👍 2
c

crooked-daybreak-55253

12/14/2021, 2:38 PM
I don’t think
contents: write
would be needed since we’re just writing to the file system and not using the api to modify anything. https://docs.github.com/en/rest/reference/permissions-required-for-github-apps#permission-on-contents
I guess if you were uploading artifacts in your action you may need that
w

white-airport-8778

12/15/2021, 5:21 PM
I tweaked the docs to clarify this issue. Does that help?
p

plain-ocean-92335

12/16/2021, 8:41 AM
Yeah thats good, but maybe also add the
permissions:
setting to an examples workflow?
w

white-airport-8778

12/16/2021, 9:15 AM
@plain-ocean-92335 good idea - I added this just now, all examples have this comment line that sends people to the action’s readme for other options
Copy code
behavior: update # Create a single comment and update it. See <https://github.com/infracost/actions/tree/master/comment> for other options
6 Views