Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: use pull_request_target event to allow forks to run jobs. #96

Closed
wants to merge 1 commit into from
Closed

chore: use pull_request_target event to allow forks to run jobs. #96

wants to merge 1 commit into from

Conversation

marwen-abid
Copy link
Collaborator

@marwen-abid marwen-abid commented Nov 17, 2023
edited
Loading

What

Use pull_request_target event for workflows that use github environment secrets.
https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target

  • The github secrets we have on this repository are all testnet stellar accounts. So this should be fine in terms of security.
  • Our main and develop branches are also protected
  • Added explicit permissions to restrict GITHUB_TOKEN for these workflows because for pull_request_target event, the GITHUB_TOKEN is granted read/write repository permission.
  • Added CODEOWNERS file to restrict who can approve PRs.

Why

Allow PRs coming from forks to run the e2e tests.

@marwen-abid marwen-abid requested a review from a team November 17, 2023 04:47
@marwen-abid marwen-abid self-assigned this Nov 17, 2023
@stellar-jenkins
Copy link

stellar-disbursement-platform-backend-preview is available here:
SDP: https://sdp-backend-pr96.previews.kube001.services.stellar-ops.com/health
AP: https://sdp-ap-pr96.previews.kube001.services.stellar-ops.com/health
Frontend: https://sdp-backend-dashboard-pr96.previews.kube001.services.stellar-ops.com

@marwen-abid marwen-abid force-pushed the chore/use-pull-request-target branch from f786892 to 16857a6 Compare November 17, 2023 04:58
@stellar-jenkins
Copy link

stellar-disbursement-platform-backend-preview is available here:
SDP: https://sdp-backend-pr96.previews.kube001.services.stellar-ops.com/health
AP: https://sdp-ap-pr96.previews.kube001.services.stellar-ops.com/health
Frontend: https://sdp-backend-dashboard-pr96.previews.kube001.services.stellar-ops.com

@marwen-abid marwen-abid force-pushed the chore/use-pull-request-target branch from 16857a6 to 8f5dcef Compare November 17, 2023 05:03
@stellar-jenkins
Copy link

stellar-disbursement-platform-backend-preview is available here:
SDP: https://sdp-backend-pr96.previews.kube001.services.stellar-ops.com/health
AP: https://sdp-ap-pr96.previews.kube001.services.stellar-ops.com/health
Frontend: https://sdp-backend-dashboard-pr96.previews.kube001.services.stellar-ops.com

@marwen-abid marwen-abid requested review from jacekn, mwtzzz and xiv November 17, 2023 05:06
@marwen-abid marwen-abid deleted the chore/use-pull-request-target branch November 17, 2023 11:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@reecexlm reecexlm reecexlm approved these changes

@jacekn jacekn Awaiting requested review from jacekn

@mwtzzz mwtzzz Awaiting requested review from mwtzzz

@xiv xiv Awaiting requested review from xiv

Assignees

@marwen-abid marwen-abid

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@marwen-abid @stellar-jenkins @reecexlm