Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: Use pull_request_target with permissions check #142

Merged
merged 10 commits into from
Feb 14, 2024
Merged

ci: Use pull_request_target with permissions check #142

merged 10 commits into from
Feb 14, 2024

Conversation

DanielSchiavini
Copy link
Collaborator

@DanielSchiavini DanielSchiavini commented Feb 9, 2024
edited
Loading

What I did

Changed the pipeline to use the pull_request_target, so users with push access may run the pipeline using secrets.

How I did it

By using a small github script that calls getCollaboratorPermissionLevel

How to verify it

Make a PR targetting this branch (pipeline) in my fork. The integration pipeline should raise an error.
Here is an example of a successful check targeting this branch.

Description for the changelog

N/A

Cute Animal Picture

image

charles-cooper
charles-cooper reviewed Feb 9, 2024
View reviewed changes
.github/workflows/main.yaml Outdated
@@ -1,24 +1,21 @@
name: unitary

on: ["push", "pull_request"]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not sure we want to disable test on push

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i also don't think pull_request_target tests the merge commit, which may be a problem. maybe we should run all three?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added push to master and pull_request, but then without the integration tests

@DanielSchiavini DanielSchiavini changed the title Use pull_request_target with permissions check chore: Use pull_request_target with permissions check Feb 11, 2024
charles-cooper
charles-cooper approved these changes Feb 14, 2024
View reviewed changes
Copy link
Member

@charles-cooper charles-cooper left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks like it's working - https://github.com/DanielSchiavini/titanoboa/actions/runs/7903435212/job/21571324351?pr=3

@charles-cooper
we don't need to run on pull_request anymore
6b17f7b 
since we jerry-rigged `pull_request_target` to run against the merge
commit
@charles-cooper
always do contributor check
1feede1
@charles-cooper charles-cooper changed the title chore: Use pull_request_target with permissions check ci: Use pull_request_target with permissions check Feb 14, 2024
DanielSchiavini
DanielSchiavini commented Feb 14, 2024
View reviewed changes
Copy link
Collaborator Author

@DanielSchiavini DanielSchiavini left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@charles-cooper charles-cooper merged commit 6fe4fa6 into vyperlang:master Feb 14, 2024
4 checks passed
@DanielSchiavini DanielSchiavini self-assigned this Mar 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@charles-cooper charles-cooper charles-cooper approved these changes

Assignees

@DanielSchiavini DanielSchiavini

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@DanielSchiavini @charles-cooper