docs: remove workflow_run part

marocchino 2021-03-23 10:02:03 +09:00 committed by GitHub
parent e61538ba96
commit 8b661422ca
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

@ -112,66 +112,8 @@ with:
### Error: Resource not accessible by integration ### Error: Resource not accessible by integration
That message means requester has not enough permission. The solution is to split That message means requester has not enough permission. If `secrets.GITHUB_TOKEN`
the workflow between the part that can be executed with only read privileges and is explicitly passed, this problem can be solved by just deleting that part.
the part that writes comments. See [this
article](https://securitylab.github.com/research/github-actions-preventing-pwn-requests)
for more information, and see below example for solution:
```yaml
# test.yml
name: Test
on:
pull_request:
push:
branches:
- main
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- run: npm ci
- run: |
mkdir -p ./pr
echo ${{ github.event.number }} | tee ./pr/number
npm run all | tee ./pr/all_result
- uses: actions/upload-artifact@v2
if: ${{ github.event_name == 'pull_request' }}
with:
name: all
path: pr/
# comment_on_pr.yml
name: Comment on PR
on:
workflow_run:
workflows:
- "Test"
types:
- completed
jobs:
comment:
runs-on: ubuntu-latest
if: ${{ github.event.workflow_run.event == 'pull_request' }}
steps:
- name: on artifact
id: artifact
uses: marocchino/on_artifact@v1
with:
name: all
- uses: marocchino/sticky-pull-request-comment@v2
with:
header: All
number: ${{ steps.artifact.outputs.number }}
message: |
```
${{ steps.artifact.outputs.all_result }}
```
```
## Inputs ## Inputs
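Review bot: In the replacement paragraph under "Error: Resource not accessible by integration", "just deleting that part" does not say what to delete or why it helps. The Inputs section states that an unset `GITHUB_TOKEN` falls back to `${{ github.token }}`, so the text should explain how that differs from an explicitly passed `secrets.GITHUB_TOKEN`. The removed text also covered the case where the run has only read privileges and linked the Security Lab article on preventing pwn requests; the new wording gives no guidance for that case. Suggest naming the input explicitly (for example "remove the `GITHUB_TOKEN` input from the step's `with:` block") and keeping a one-line pointer to the article for workflows that run with read-only privileges. Minor: "requester has not enough permission" reads better as "the requester does not have enough permission".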
@ -209,7 +151,7 @@ jobs:
### `GITHUB_TOKEN` ### `GITHUB_TOKEN`
**Optional**, typically set secrets.GITHUB_TOKEN. If not set, this will use `${{ github.token }}`. **Optional**, You can set [PAT](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) here. If not set, this will use `${{ github.token }}`.
## Outputs ## Outputs
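Review bot: The new `GITHUB_TOKEN` description says "You can set PAT here" without saying how the token should be supplied or what access it needs. Suggest stating that the PAT should be passed from a repository secret rather than written into the workflow file, and naming the minimum permission required to write pull request comments, so readers do not reach for a broadly scoped token. Style: after "**Optional**," the sentence should either continue in lowercase or follow a period.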