ci: tolerate dependency awareness read-only tokens

2026-05-13 15:47:28 +00:00 · 2026-05-13 11:17:25 +01:00
parent 46f7750c63
commit 1bc45af1db
2 changed files with 20 additions and 15 deletions
--- a/.github/workflows/dependency-change-awareness.yml
+++ b/.github/workflows/dependency-change-awareness.yml
@@ -47,6 +47,19 @@ jobs:
                .slice(0, 240);
            const markdownCode = (value) =>
              `\`${sanitizeDisplayValue(value).replaceAll("`", "\\`")}\``;
+            const ignoreUnavailableWritePermission = (action) => (error) => {
+              if (error?.status === 403) {
+                core.warning(
+                  `Skipping dependency change ${action}; token does not have issue write permission.`,
+                );
+                return;
+              }
+              if (error?.status === 404 || error?.status === 422) {
+                core.warning(`Dependency change ${action} is unavailable.`);
+                return;
+              }
+              throw error;
+            };

            const files = await github.paginate(github.rest.pulls.listFiles, {
              owner: context.repo.owner,
@@ -85,18 +98,14 @@ jobs:
                  repo: context.repo.repo,
                  issue_number: pullRequest.number,
                  name: labelName,
-                }).catch((error) => {
-                  if (error?.status !== 404) {
-                    throw error;
-                  }
-                });
+                }).catch(ignoreUnavailableWritePermission("label removal"));
              }
              if (existingComment) {
                await github.rest.issues.deleteComment({
                  owner: context.repo.owner,
                  repo: context.repo.repo,
                  comment_id: existingComment.id,
-                });
+                }).catch(ignoreUnavailableWritePermission("comment deletion"));
              }
              await core.summary
                .addHeading("Dependency Change Awareness")
@@ -112,13 +121,7 @@ jobs:
                repo: context.repo.repo,
                issue_number: pullRequest.number,
                labels: [labelName],
-              }).catch((error) => {
-                if (error?.status === 404 || error?.status === 422) {
-                  core.warning(`Dependency change label "${labelName}" is missing or unavailable.`);
-                  return;
-                }
-                throw error;
-              });
+              }).catch(ignoreUnavailableWritePermission(`label "${labelName}" update`));
            }

            const listedFiles = dependencyFiles.slice(0, maxListedFiles);
@@ -150,14 +153,14 @@ jobs:
                repo: context.repo.repo,
                comment_id: existingComment.id,
                body,
-              });
+              }).catch(ignoreUnavailableWritePermission("comment update"));
            } else {
              await github.rest.issues.createComment({
                owner: context.repo.owner,
                repo: context.repo.repo,
                issue_number: pullRequest.number,
                body,
-              });
+              }).catch(ignoreUnavailableWritePermission("comment creation"));
            }

            await core.summary