Improve reporting for dependency-graph failure

The previous message was assuming a permissions issue, and was not
including the underlying error message in the response.
This commit is contained in:
daz 2023-12-19 13:55:20 -07:00
parent f95e9c7459
commit a1980784de
No known key found for this signature in database

View File

@ -78,12 +78,7 @@ async function submitDependencyGraphs(dependencyGraphFiles: string[]): Promise<v
await submitDependencyGraphFile(jsonFile) await submitDependencyGraphFile(jsonFile)
} catch (error) { } catch (error) {
if (error instanceof RequestError) { if (error instanceof RequestError) {
const relativeJsonFile = getRelativePathFromWorkspace(jsonFile) core.warning(buildWarningMessage(jsonFile, error))
core.warning(
`Failed to submit dependency graph ${relativeJsonFile}.\n` +
"Please ensure that the 'contents: write' permission is available for the workflow job.\n" +
"Note that this permission is never available for a 'pull_request' trigger from a repository fork."
)
} else { } else {
throw error throw error
} }
@ -91,6 +86,18 @@ async function submitDependencyGraphs(dependencyGraphFiles: string[]): Promise<v
} }
} }
function buildWarningMessage(jsonFile: string, error: RequestError): string {
const relativeJsonFile = getRelativePathFromWorkspace(jsonFile)
const mainWarning = `Failed to submit dependency graph ${relativeJsonFile}.\n${String(error)}`
if (error.message === 'Resource not accessible by integration') {
return `${mainWarning}
Please ensure that the 'contents: write' permission is available for the workflow job.
Note that this permission is never available for a 'pull_request' trigger from a repository fork.
`
}
return mainWarning
}
async function submitDependencyGraphFile(jsonFile: string): Promise<void> { async function submitDependencyGraphFile(jsonFile: string): Promise<void> {
const octokit = getOctokit() const octokit = getOctokit()
const jsonContent = fs.readFileSync(jsonFile, 'utf8') const jsonContent = fs.readFileSync(jsonFile, 'utf8')