Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add commisery GitHub action #15

Closed

Conversation

platten
Copy link
Contributor

@platten platten commented Feb 21, 2022

Closes #14

@platten platten force-pushed the infra/14-enable-conventional-commits branch from 0eee701 to b909f0f Compare February 21, 2022 12:46
rvolosatovs
rvolosatovs previously approved these changes Feb 21, 2022
Copy link
Member

@npmccallum npmccallum left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Newline at end of file please.

uses: enarx/commisery-action@master
with:
token: ${{ secrets.GITHUB_TOKEN }}
pull_request: ${{ github.event.number }}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why does this action require our GITHUB_TOKEN? What permissions are we granting to it?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's an automatically generated GITHUB_TOKEN for pulling the repository: https://github.com/enarx/commisery-action/blob/ecedfc765564e89b9a776bfea8d5717c686b15ad/commisery_action.py#L69

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That is unnecessary for a public repo. You should submit a PR to make the token optional.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is unfortunately unfeasible, as this requires putting in a PR for the GitHub Python API library to not require a GITHUB_TOKEN. What I think is a better alternative is to simply restrict the access which GITHUB_TOKEN provides via: https://github.blog/changelog/2021-04-20-github-actions-control-permissions-for-github_token/

Signed-off-by: Paul Pietkiewicz <[email protected]>
@platten platten force-pushed the infra/14-enable-conventional-commits branch from 24b2e16 to 3197198 Compare February 21, 2022 14:09
@dpal
Copy link

dpal commented Jan 11, 2023

This PR can be closed since the issue was addressed later by a different PR and we have shared commisery workflow already implemented.

@dpal dpal closed this Jan 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Infrastructure]: Enable Conventional Commit Message Checker
4 participants