-
Notifications
You must be signed in to change notification settings - Fork 508
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
✨ Use pull_request_target
+ protected env for e2e
#1308
Conversation
4c5dec3
to
07c7a74
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
did you try using workflow_run
as suggested by someone? Why can we not use it?
07c7a74
to
50bb99d
Compare
For |
50bb99d
to
722ad01
Compare
I can't get the integration test workflow to run in this PR. How do we test changes to such workflows? |
the code used by GitHub is the one in the target/base branch, IFAIK. You'll have to merge into main to test it out. Maybe try it on a cloned repo? |
So I setup my fork to have this change - https://github.com/azeemshaikh38/scorecard/blob/main/.github/workflows/integration.yml. Could you send my fork a PR from your fork to test this? |
you can create PRs to you fork, right? Does it make a difference if I send the PR or you do? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM overall. I don't think this is the right approach because it affects productivity so much. Every time we submit a PR, we'll have to wait for someone to LGTM to run the integration test.
As an interim solution, it's better than having PR blocked for ever so let's merge in.
I think the right approach is to use workflow_run
.
wdut?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
see comment about printed message. I don't understand how we know it's been reviewed.
See #1308 (comment) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks Azeem. Let's merge this one in and merge all the blocked PRs. Do you agree that we should move towards workflow_run
to avoid affecting productivity? (In a follow-up PR)
No |
This is still stuck :( I'm going to try and force submit it. Hopefully it should fix the issue for the other PRs. |
I see, that makes sense. Let's see if it's usable or not. Otherwise let's move to a model where we run the e2e tests without admin token. My understanding is that the token requires admin for certain check like branch protection: is my understanding correct? If that's the case, maybe we could at least separate the branch protection from the rest, to avoid blocking PR authors. @naveensrinivasan has allowed/approved many PRs to unblock us, but it was not actually a code review: there was no LGTM. What I'm concerned with is that we're going to approve in a rush to allow the tests to run, without doing a proper review. @naveensrinivasan how is the user experience to approve these test to run? |
TBH this is painful! |
What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)
What is the current behavior? (You can also link to an open issue here)
What is the new behavior (if this is a feature change)?
Does this PR introduce a breaking change? (What changes might users need to make in their application due to this PR?)
Other information: