Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow build-tags to run on forks #13970

Merged
merged 1 commit into from
Mar 22, 2024
Merged

Allow build-tags to run on forks #13970

merged 1 commit into from
Mar 22, 2024

Conversation

jsoref
Copy link
Contributor

@jsoref jsoref commented Mar 22, 2024

Short description

build-tags uses: PowerDNS/pdns/.github/workflows/build-packages.yml@master As of f107ec6, that workflow requires:

permissions:
  actions: read   # To read the workflow path.
  id-token: write # To sign the provenance.
  contents: write # To be able to upload assets as release artifacts

Per https://docs.github.com/en/actions/using-workflows/reusing-workflows in order for this to work, the calling job (in build-tags) needs to have the maximum required permissions in order for the calling workflow to be run.

Checklist

I have:

  • read the CONTRIBUTING.md document
  • compiled this code
  • tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)
  • checked that this code was merged to master

@jsoref
Allow build-tags to run on forks
8c4888c 
build-tags uses: PowerDNS/pdns/.github/workflows/build-packages.yml@master
As of f107ec6, that workflow requires:

    permissions:
      actions: read   # To read the workflow path.
      id-token: write # To sign the provenance.
      contents: write # To be able to upload assets as release artifacts

Per https://docs.github.com/en/actions/using-workflows/reusing-workflows
in order for this to work, the calling job (in build-tags) needs to
have the maximum required permissions in order for the calling workflow
to be run.
@coveralls
Copy link

Pull Request Test Coverage Report for Build 8390542024

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • 42 unchanged lines in 11 files lost coverage.
  • Overall coverage decreased (-0.001%) to 59.22%
Files with Coverage Reduction New Missed Lines %
pdns/sstuff.hh 1 65.17%
modules/gpgsqlbackend/gpgsqlbackend.cc 1 88.62%
pdns/tcpiohandler.cc 1 66.67%
pdns/dnsdistdist/dnsdist.hh 1 75.13%
pdns/stubresolver.cc 3 77.58%
pdns/tsigverifier.cc 3 77.22%
pdns/rcpgenerator.cc 3 89.77%
pdns/dnsdistdist/dnsdist.cc 4 68.09%
pdns/ssqlite3.cc 5 66.77%
pdns/dnsdistdist/dnsdist-carbon.cc 6 63.38%
Totals Coverage Status
Change from base Build 8389336253: -0.001%
Covered Lines: 113618
Relevant Lines: 158758
💛 - Coveralls

@Habbie
Copy link
Member

Habbie commented Mar 22, 2024
edited
Loading

@rgacogne this should remove the need to change a couple of uses: lines when testing SLSA things on our forks

@Habbie Habbie merged commit a481509 into PowerDNS:master Mar 22, 2024
76 checks passed
@jsoref jsoref deleted the build-tags-permissions branch March 22, 2024 15:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Habbie Habbie Habbie approved these changes

@rgacogne rgacogne rgacogne approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jsoref @coveralls @Habbie @rgacogne