Update workflow permissions and enhance README with quick start guide

jonit-dev · jonit-dev · commit 1d18fd8b4b3a · 2024-11-05T16:09:30.000-08:00
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -4,6 +4,11 @@ on:
   pull_request:
     types: [opened, synchronize]
 
+# Add required permissions
+permissions:
+  contents: read
+  pull-requests: write
+
 jobs:
   test-pr-review:
     runs-on: ubuntu-latest
diff --git a/README.md b/README.md
@@ -14,10 +14,36 @@ AI-powered PR reviews using OpenRouter's language models. Get automated code rev
    - Best practices violations
    - Overall score and final comments
 
-Example PR comment:
+## Quick Start
+
+Add this workflow to `.github/workflows/pr-review.yml`:
+
+```yaml
+name: PR Review
+on:
+  pull_request:
+    types: [opened, synchronize]
+
+# Add these permissions to allow PR comments
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  review:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: jonit-dev/openrouter-github-action@main
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          open_router_key: ${{ secrets.OPEN_ROUTER_KEY }}
+```
+
+## Example PR Comment
 
 ```markdown
-## OpenRouter AI Analysis
+## DiffGuard AI Analysis
 
 ### Potential Issues
 
@@ -81,6 +107,11 @@ on:
   pull_request:
     types: [opened, synchronize]
 
+# Required permissions
+permissions:
+  contents: read
+  pull-requests: write
+
 jobs:
   review:
     runs-on: ubuntu-latest
@@ -130,6 +161,11 @@ on:
   pull_request:
     types: [opened, synchronize]
 
+# Required permissions
+permissions:
+  contents: read
+  pull-requests: write
+
 jobs:
   review:
     runs-on: ubuntu-latest
@@ -190,6 +226,20 @@ Recommended models:
    - Always use GitHub Secrets
 7. The action will run automatically on your PR and post its analysis as a comment
 
+## Troubleshooting
+
+### Permission Errors
+
+If you see `Error: Resource not accessible by integration`, add these permissions to your workflow:
+
+```yaml
+permissions:
+  contents: read
+  pull-requests: write
+```
+
+This allows the action to read PR contents and create comments.
+
 ## Security Best Practices
 
 1. Always use GitHub Secrets for sensitive data
diff --git a/src/index.js b/src/index.js
@@ -88,7 +88,7 @@ async function createPRComment(octokit, context, analysis) {
       owner: context.repo.owner,
       repo: context.repo.repo,
       issue_number: context.payload.pull_request.number,
-      body: `## OpenRouter AI Analysis
+      body: `## DiffGuard AI Analysis
 
 ${analysis}
 
