Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix automerge workflow for external users and bots #54

Open
lfilho opened this issue Jun 15, 2020 · 0 comments
Open

Fix automerge workflow for external users and bots #54

lfilho opened this issue Jun 15, 2020 · 0 comments

Comments

@lfilho
Copy link
Owner

lfilho commented Jun 15, 2020
edited
Loading

Problem

Out automerge workflow checks for our ops-bot user in order to kick in and auto merge our release auto-cut PRs.

We're using a repo-scoped PAT (Personal Access Token). This mean that the github.actor in our github action will be whichever user generated that token (lfilho in this case).

See https://github.com/peter-evans/create-pull-request/blob/master/docs/concepts-guidelines.md#triggering-further-workflow-runs for more details.

Solution

We probably want to do https://github.com/peter-evans/create-pull-request/blob/master/docs/concepts-guidelines.md#push-pull-request-branches-to-a-fork as it's the most secure approach.

Temporary workaround

As I'm the only developer here so far, I have just changed the check to accept my username and instead I'm adding another condition to check for the specific automerge label.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lfilho