pr-auditor: try using default GITHUB_TOKEN to set commit status on forks (!32421) · Merge requests · Administrator / sourcegraph

Administrator requested to merge github/fork/bobheadlabs/pr-auditor-external-contributions into main Mar 10, 2022

Created by: bobheadxi

testing out forks again, wondering if the default GITHUB_TOKEN might be allowed to set commit statuses on forks. previous attempt to switch to using the run output did not work very well: https://github.com/sourcegraph/sourcegraph/pull/31946#issuecomment-1054550210

looks like it doesn't work :( even with the default token, https://github.com/sourcegraph/sourcegraph/runs/5488972911?check_suite_focus=true#step:4:31

2022/03/10 00:27:10 checkPR: {Reviewed:false TestPlan: Error:<nil>}
2022/03/10 00:27:10 preMergeAudit: CreateStatus: POST [api.github.com/repos/sourcegraph/sourcegraph/statuses/96ae789554c724890663518d83cc8b895aacc0a9:](https://api.github.com/repos/sourcegraph/sourcegraph/statuses/96ae789554c724890663518d83cc8b895aacc0a9:) 403 Resource not accessible by integration []

more details from thread: https://sourcegraph.slack.com/archives/C01N83PS4TU/p1646870889938299?thread_ts=1646865673.857509&cid=C01N83PS4TU

The issue is setting commit statuses on PRs - the check does run (see check logs), but for whatever reason GitHub doesn't allow you to set the status on commits on forks 😬 You're only allowed to use the run output. This doesn't work for us because we use the pull request events so that we get the pull request payload in the event - subsequent pushes will look "green" when it is not. We can run on push, but that doesn't include the PR payload, necessitating extra API requests to perform the PR description check

Another experiment: https://github.com/sourcegraph/sourcegraph/pull/32423

pr-auditor: try using default GITHUB_TOKEN to set commit status on forks

Test plan

Merge request reports