Problem
The Ready for Review Label workflow can fail after all CI has passed because the evaluate job tries to add the ready-for-review label with gh pr edit --add-label, but the workflow token does not have permission to mutate labels.
Example: #749
All conditions met. Adding ready-for-review label.
GraphQL: Resource not accessible by integration (addLabelsToLabelable)
Process completed with exit code 1.
Likely cause
.github/workflows/ready-for-review.yml currently declares:
permissions:
contents: read
pull-requests: write
actions: read
Adding/removing labels through gh pr edit --add-label/--remove-label requires label mutation permission via issues: write, because PR labels are issue labels in GitHub's API.
Expected fix
Add issues: write to the workflow permissions, or change the label mutation path to one that has the required permissions.
This is not caused by the PR branch in #749; that PR only changes key-wallet-ffi files, and all code/test CI jobs are passing.
Problem
The
Ready for Review Labelworkflow can fail after all CI has passed because theevaluatejob tries to add theready-for-reviewlabel withgh pr edit --add-label, but the workflow token does not have permission to mutate labels.Example: #749
pull_request_reviewsubmitted by CodeRabbit withREVIEW_STATE=approvedCodeRabbit review state: APPROVEDCI status: all_passedLikely cause
.github/workflows/ready-for-review.ymlcurrently declares:Adding/removing labels through
gh pr edit --add-label/--remove-labelrequires label mutation permission viaissues: write, because PR labels are issue labels in GitHub's API.Expected fix
Add
issues: writeto the workflow permissions, or change the label mutation path to one that has the required permissions.This is not caused by the PR branch in #749; that PR only changes
key-wallet-ffifiles, and all code/test CI jobs are passing.