Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable push workflow for PRs #234

Merged
merged 1 commit into from
Jan 31, 2020
Merged

Enable push workflow for PRs #234

merged 1 commit into from
Jan 31, 2020

Conversation

cimnine
Copy link
Collaborator

@cimnine cimnine commented Jan 30, 2020

Related Issue:

New Behavior

The push workflow is also executed for PRs.

Contrast to Current Behavior

We PRs don't get automatic feedback on PRs, because the workflow is not triggered.

Discussion: Benefits and Drawbacks

Currently the workflow push was only called when someone pushed to this repository. But since only maintainers can push to this repository, PRs from outsiders were not triggering the pipeline.
This PR changes this, so that the pipeline is also triggered for PRs.

When implementing this change I feared that this may cause a problem, namely that this could be used to leak secrets we have configured for pushing to Docker Hub.

After consulting the documentation (and a chat with Github support because I was not certain I understood it the right way) I was assured that secrets should not leak due to someone meddling with the workflow files.

The documentation reads:

With the exception of GITHUB_TOKEN, secrets are not passed to the runner when a workflow is triggered from a forked repository.

Changes to the Wiki

n/a

Proposed Release Note Entry

n/a

Double Check

  • I have read the comments and followed the PR template.
  • I have explained my PR according to the information in the comments.
  • My PR targets the develop branch.

@cimnine cimnine added this to the 0.22.0 milestone Jan 30, 2020
@cimnine cimnine added the maintenance The issue describes a maintenance task, such as upgrading a dependency to a certain version. label Jan 30, 2020
@cimnine cimnine requested a review from tobiasge January 30, 2020 14:56
@cimnine cimnine merged commit ce74e94 into develop Jan 31, 2020
@cimnine cimnine deleted the test-pr branch January 31, 2020 08:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tobiasge tobiasge tobiasge approved these changes

Assignees
No one assigned
Labels
maintenance The issue describes a maintenance task, such as upgrading a dependency to a certain version.
Projects
None yet
Milestone
0.22.0
Development

Successfully merging this pull request may close these issues.
2 participants
@cimnine @tobiasge