github.rest.issues.createComment results in "Resource not accessible by integration" error

[jprider63]

I'm attempting to use github-script to post a comment to a PR during CI. Unfortunately it is failing with the error "Error: Unhandled error: HttpError: Resource not accessible by integration" when run on a PR to the main repository. When the same commit (72c2497) is run on my fork of the repository, CI passes and posts the comment without error. So far, I've tried adding the following permission settings, but none of them work for PR's against the main repository:

permissions:
  pull-requests: write

permissions:
  pull-requests: write
  issues: write

permissions: write-all

permissions:
  id-token: write
  contents: read
  issues: write
  pull-requests: write

We've also checked that "Allow all actions and reusable workflows" and "Read and write permissions" is set for the main repository's action permission settings.

Is there another permission that we need to set? Any suggestions would be appreciated! Thanks!

[HowieHz]

Use of information passed between jobs

An example of problem solving travellings-link/travellings@6fc4418 (Ignore the job named “comment” and focus on "comment-auto-check-assistant-result" and "auto-check-assistant".)

[joshmgross]

Pull Requests workflows from forks can't utilize write permissions, which is why you're getting a failure. You can see the effective permissions for a job in the "Set up job" step logs.

pull_request_target is likely the event you want, but please read through the full documentation to understand the security risks. If you have any questions about that, feel free to ask!