Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: use pull_request_target for ci.yml #521

Closed
wants to merge 1 commit into from
Closed

ci: use pull_request_target for ci.yml #521

wants to merge 1 commit into from

Conversation

smoya
Copy link
Contributor

@smoya smoya commented Feb 27, 2025
edited
Loading

Alternative to #518

  • GH by defaults keeps asking maintainers to approve workflows for external contributions
  • Means pull_request_target change should be enough for fixing the current issue.
  • Environments would be an extra step of security if we want to use different env vars depending on the source of the contribution, otherwise are not needed
  • Enforcing different kind of requirements to merge PR's based on the type of file (md or the rest) is not possible right directly withing gh config but with either
    • this action
    • I believe we can just do the check ourselves and if the change is a markdown or not and fail accordingly

@smoya smoya requested a review from a team as a code owner February 27, 2025 15:14
cevian
cevian requested changes Feb 27, 2025
View reviewed changes
Copy link
Collaborator

@cevian cevian left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

pull_request_target is not controlled by github approvals (stupidly), so we need additional checks like in #518

@smoya
Copy link
Contributor Author

smoya commented Feb 27, 2025

pull_request_target is not controlled by github approvals (stupidly), so we need additional checks like in #518

This has been fact-checked 👍

@smoya smoya closed this Feb 27, 2025
@smoya smoya deleted the sergio-run-ci-on-base branch February 27, 2025 16:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cevian cevian cevian requested changes

@adolsalamanca adolsalamanca adolsalamanca approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@smoya @cevian @adolsalamanca