Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: temporarily allow forked repos to run PR workflows #3503

Merged
merged 2 commits into from
Feb 10, 2022
Merged

fix: temporarily allow forked repos to run PR workflows #3503

merged 2 commits into from
Feb 10, 2022

Conversation

gustavovalverde
Copy link
Member

Motivation

The continuous deployment refactors included a workflow to cache Zcash parameters, which was triggered by a pull_request event. But when triggered from a forked repo, this event does not have the right context nor permissions to read secrets

Specifications

https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target

Solution

Temporarily use pull_request_target instead of pull_request

Review

@teor2345

Follow Up Work

This is a temporal fix, which needs to be solved with #3419

teor2345
teor2345 previously approved these changes Feb 9, 2022
View reviewed changes
Copy link
Contributor

@teor2345 teor2345 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for getting this done so quickly!

(And thanks for linking the follow-up ticket in the PR, it's good to know what the next steps are.)

@mergify mergify bot mentioned this pull request Feb 9, 2022
Closed
27 tasks
@codecov
Copy link

codecov bot commented Feb 10, 2022
edited
Loading

Codecov Report

Merging #3503 (a26afc8) into main (499ae89) will increase coverage by 0.15%.
The diff coverage is 74.66%.

❗ Current head a26afc8 differs from pull request most recent head 1e51bd7. Consider uploading reports for the commit 1e51bd7 to get more accurate results

@@            Coverage Diff             @@
##             main    #3503      +/-   ##
==========================================
+ Coverage   78.34%   78.49%   +0.15%     
==========================================
  Files         267      273       +6     
  Lines       31526    31900     +374     
==========================================
+ Hits        24698    25041     +343     
- Misses       6828     6859      +31

dconnolly
dconnolly suggested changes Feb 10, 2022
View reviewed changes
Copy link
Contributor

@dconnolly dconnolly left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should not update a direct dependency of our Docker image to be writeable by a PR from anywhere, a local branch or a fork branch, before that change has been approved by a human and merged to #main :

zebra/docker/Dockerfile.build

Line 58 in a872f17

COPY --from=us-docker.pkg.dev/zealous-zebra/zebra/zcash-params /root/.zcash-params /root/.zcash-params

@gustavovalverde @dconnolly
fix(zcash-params): Do not update parameters image on PR
1e51bd7 
We should not update a direct dependency of our Docker image to be writeable by a PR from anywhere, a local branch or a fork branch, before that change has been approved by a human and merged to #main :

Co-authored-by: Deirdre Connolly <durumcrustulum@gmail.com>
@gustavovalverde gustavovalverde merged commit 284aeb7 into main Feb 10, 2022
@gustavovalverde gustavovalverde deleted the fix-forked-prs branch February 10, 2022 11:31
@teor2345 teor2345 mentioned this pull request Feb 14, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dconnolly dconnolly dconnolly requested changes

@teor2345 teor2345 teor2345 left review comments

Assignees

@gustavovalverde gustavovalverde

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@gustavovalverde @dconnolly @teor2345