Menu
I am trying to get a regular comment inserted in a pull request from a GitHub action. I can't seem to get it right. Octokit, the underlying library, allows you to create reviewComments to PRs, but those refer to a commit and that's not what I want, I want a simple comment. I figured I can just use octokit.issues.createComment. However, that does not seem to work.
Here's the code
import * as core from '@actions/core';
const {GitHub, context} = require('@actions/github')
const parse = require('parse-diff')
async function run() {
try {
// get information on everything
const token = core.getInput('github-token', {required: true})
const github = new GitHub(token, {} )
console.log( context )
const PR_number = context.payload.pull_request.number
// Check if the body contains required string
const bodyContains = core.getInput('bodyContains')
if ( context.payload.pull_request.body.indexOf( bodyContains) < 0 ) {
core.setFailed("The body of the PR does not contain " + bodyContains);
console.log( "Actor " + context.actor + " pr number " PR_number)
const result = await github.issues.createComment({
owner: context.actor,
repo: context.payload.repository.full_name,
issue_number: PR_number,
body: "We need to have the word " + bodyContains + " in the body of the pull request"
});
console.log(result)
} // more irrelevant stuff below
}}
This simply seems to retur "Not found". I can't seem to be able to find out if it's a type problem, or something different. Theoretically, owner, repo, and issue number, as well as body, should be right, and it's printed correctly. Any help will be appreciated. This is probably a more general question in the realm of GitHub API, with GitHub actions being simply the context, so I might be wrong there.
305
Action inputsGITHUB_TOKEN ( issues: write , pull-requests: write ) or a repo scoped PAT. The full name of the repository in which to create or update a comment. The number of the issue or pull request in which to create a comment. The id of the comment to update.
To resolve a comment without replying, select Resolve under the comment. To reply to the comment, type your response in the Write a reply field, and select Reply. To reply to and resolve the comment, type your response in the Write a reply field, and select Reply & resolve.
A canonical way is using the official Github Script actions. Don't get confused, issues and PRs are the same for the GitHub API.
2020:
on:
# Trigger the workflow on push or pull request
pull_request:
branches:
- master
- develop
jobs:
comment:
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v3
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
github.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: '👋 Thanks for reporting!'
})
Seen on: https://github.com/actions/github-script#comment-on-an-issue
EDIT 2021:
Adapting to GH's newer versions, one has to reference the rest client directly. See note as of writing.
on:
# Trigger the workflow on push or pull request
pull_request:
branches:
- master
- develop
jobs:
comment:
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v5
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: '👋 Thanks for reporting!'
})
The other answers don't mention is the security restrictions of a GitHub action run from a fork that triggers the pull_request event. The GITHUB_TOKEN in these actions does not have write access to the repository and therefore cannot create a comment. See permissions for the GITHUB_TOKEN.
The GitHub docs for the workflow_run event have a good example of how to work around this. The basic idea is to have the workflow that is triggered by the pull_request event upload any info needed in the comment as a build artifact using actions/upload-artifact. Then a separate workflow triggered by a workflow_run event downloads the information using actions/download-artifact.
NOTE: For security, since the workflow triggered by workflow_run has write access, it must be committed to the default branch before it can be used. (Also keep in mind that the build artifacts could contain malicious data from a malicious pull request).
Here is a copy of the example workflows from the linked docs (in case the link breaks or the docs change):
name: Upload data
on:
pull_request:
jobs:
upload:
runs-on: ubuntu-latest
steps:
- name: Save PR number
env:
PR_NUMBER: ${{ github.event.number }}
run: |
mkdir -p ./pr
echo $PR_NUMBER > ./pr/pr_number
- uses: actions/upload-artifact@v3
with:
name: pr_number
path: pr/
name: Use the data
on:
workflow_run:
workflows: [Upload data]
types:
- completed
jobs:
download:
runs-on: ubuntu-latest
steps:
- name: 'Download artifact'
uses: actions/github-script@v5
with:
script: |
let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: context.payload.workflow_run.id,
});
let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
return artifact.name == "pr_number"
})[0];
let download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
archive_format: 'zip',
});
let fs = require('fs');
fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/pr_number.zip`, Buffer.from(download.data));
- name: 'Unzip artifact'
run: unzip pr_number.zip
- name: 'Comment on PR'
uses: actions/github-script@v5
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
let fs = require('fs');
let issue_number = Number(fs.readFileSync('./pr_number'));
await github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: issue_number,
body: 'Thank you for the PR!'
});
I initially tried to use Respost, but it doesn't allow setting a raw body string.
So here's a way to do it with curl.
In a .github/workflows/whatever.yml:
name: Some workflow
on:
issue_comment:
types: [created]
jobs:
comment:
if: contains(github.event.comment.body, 'special string')
runs-on: ubuntu-latest
steps:
- name: Add comment to PR
env:
URL: ${{ github.event.issue.comments_url }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
curl \
-X POST \
$URL \
-H "Content-Type: application/json" \
-H "Authorization: token $GITHUB_TOKEN" \
--data '{ "body": "blah blah" }'
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
