[BUG] Status check failing on sign

[AnandChowdhary]

Describe the bug
When someone makes a PR who hasn't signed the CLA, the status check fails and there is a comment requesting them to sign. When they sign, the comment text is updated to "All contributors have signed the CLA" but the status check is still "failing". However, when a new label is added, CLA Assistant runs again and adds a new, passing, status check. So there are two checks now, one passing and one failing.

Expected behavior
The status check passes when the comment is updated the "All contributors have signed the CLA"

Screenshots

[ibakshay]

Hi @AnandChowdhary, The event issue_comment doesn't have access to the commit status. This failed check is from the previous commit of the user. You can see under the actions tab that the workflow run when the user signed has actually passed like the below screenshot.

Right now, one workaround for you is to manually re-run the previously failed CLA check for pull_request event when the user committed by clicking the re-run jobs button like below.

Nevertheless, I am working on automating this use-case by consuming GitHub Actions workflow re-run API whenever a contributor signs the CLA i:e issue_comment event.

[ibakshay]

I will let you know here, soon after I am done with it. So, let's keep this issue open for tracking.

[ibakshay]

Hi @AnandChowdhary, I have fixed this issue and it is reflected in this latest release V2.0.0-alpha with many other updates and new features😄 .

[simonmeggle]

Hi @ibakshay , I still have this problem with the latest release, see #81 ...
Just to go sure: is it sufficient to have the PERSONAL_ACCESS_TOKEN defined as a repository secret? Is this the token used to rerun the workflow?

[simonmeggle]

I just tried it with a new pull request: the bot is asking for signature, the user signs, but the action still fails.
Example:
elabit/robotframework-robotmklibrary#3

[jfoliveira]

I've faced the same issue this week contributing to Devopness open source repository: https://github.com/devopness/devopness

After many hours of work from another Devopness contributor (@thlmenezes) he suggested me to review the token permissions and we figured out that the workflow permission is required for this action so it can update commit status.

I'm using GitHub Personal Access Token classic.

What DOES NOT work ❌

Without granting the token the scope workflow the CLA assistant does not add to the debug log the line Rerunning build run defined in

github-action/src/pullRerunRunner.ts

Line 22 in dbc1c64

core.debug(`Rerunning build run ${run}`)

As the a new run is not triggered, the commit status is not updated, therefore the pull request checks block the PR from being merged.

What WORKS!!!!!! ✅ 🎉

After granting the token the workflow scope, a new comment from the PR author - signing the CLA - triggered the workflow re-run and all PR checks passed, as expected.

Notes:

1. It would be nice if the CLA Assistant failed explicitly everytime it is enabled to call a GitHub REST API endpoint, stating the returned error message, as that could save us many hours trying to debug this action's source code
2. Perhaps the bot could also check or log or document all required permissions upfront, so users are aware of that when configuring their access tokens

Apart from that, thanks @ibakshay for maintaining and providing this action.
Pretty useful! Great job! 💟