pr-title-conventional-commits: create PR comment only if permissions are properly set #93
Description
This is an improvement for comment: auto after we implement #82
In #82, we create PR comment if the PR has not be created from a forked repository. But if the GH_TOKEN hasn't the right permissions, the PR creation will fail.
Instead, I propose that we find a way to check the permission and that we only create the PR comment if the permission are set correctly.
This will cover more use cases.
Getting the permissions
This may require to use or develop a dedicated action
Resources about getting the permissions
https://github.com/orgs/community/discussions/25259 to retrieve the oauth scopes of a token
the following actions check the permissions of an actor (write or admin). But nothing about the token permissions
- https://github.com/scherermichael-oss/action-has-permission
- https://github.com/prince-chrismc/check-actor-permissions-action
- https://github.com/skjnldsv/check-actor-permission
See also https://michaelheap.com/access-secrets-from-forks/ --> https://github.com/actions-cool/check-user-permission
Alternatives
As mentioned in the README of the action since #107, it is advised to trigger the workflow calling the action on pull_request_target events. So, the GH_TOKEN can have the permission to write PR comment even when the PR is created from a fork.
Implementing what is described in this issue would only help when setting up the configuration of the workflow calling the action.