Update dependabot CI #101
Merged
Update dependabot CI #101
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This was breaking the dependabot runs, because “/” was interpreted here as the root directory of the runner, not the top level of the repository, and there wasn’t permission to create files and directories there. Probably this worked at first and only broke recently.
…even if someone else pushed the specific commit.
emdash-ie
force-pushed
the
fix-dependabot-ci
branch
from
a09d867
to
ad1a295
Compare
marialani
reviewed
Jul 17, 2023
.github/workflows/ci.yml
Outdated
Comment on lines
36
to
41
| - name: Dump GitHub context | ||
| id: github_context_step | ||
| run: echo $JSON | ||
| env: | ||
| JSON: ${{ toJSON(github) }} | ||
|
|
There was a problem hiding this comment.
Would this potentially expose any sensitive info? Was this mainly for debugging?
There was a problem hiding this comment.
I think any sensitive info is masked, for example in this build expanding the step shows that the token is masked.
This isn’t something I added, but I did have the same doubts about it. Let’s get rid of it – it’s useful for understanding the structure of the context and checking values, but we can always add the step back for debugging a given execution if needed.
These had diverged a bit, and I think it’d be good for most things to be shared (everything that dependabot _can_ run), by using if conditions on the individual steps rather than the whole job.
This makes it easier to skip steps for dependabot PRs, and possibly makes better use of the UI.
emdash-ie
force-pushed
the
fix-dependabot-ci
branch
from
ad1a295
to
b8a899d
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Don’t use root working directory
This was breaking the dependabot runs, because “/” was interpreted here as the root directory of the runner, not the top level of the repository, and there wasn’t permission to create files and directories there. Probably this worked at first and only broke recently.
Use same workflow for dependabot and pulls
These had diverged a bit, and I think it’d be good for most things to be shared (everything that dependabot can run), by using if conditions on the individual steps rather than the whole job.
Inline scripts into workflow
This makes it easier to skip steps for dependabot PRs, and possibly makes better use of the UI.