New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CI: Skip 'required reviewers' check on forks (no org team check perms) #36370
Conversation
The latest updates on your projects. Learn more about Vercel for Git ↗︎ 1 Ignored Deployment
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it'd be cleaner to discard the use of ${{ secrets.OCTAVIA_4_ROOT_ACCESS}}
and replace it with ${{ GITHUB_TOKEN}}
We shall give the token the right set of read permissions.
GITHUB_TOKEN
for runs on fork
do have read permissions, so they likely be able to read:org
.
Circling back after a while... @alafanechere - docs seems to suggest that GITHUB_TOKEN won't be enough. https://github.com/tspascoal/get-user-teams-membership?tab=readme-ov-file#requirements
Can we accept this PR as a step in the right direction, and continue to iterate from here? My understanding is that my proposed update is actually in line with the intended logic of the condition that is being replaced. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM to me
@alafanechere - This is currently blocked on your review. Wdyt of continuing with this increment and then we can continue to tune in future iterations? |
This was cherry-picked from the PR:
This skips membership checks when on a fork, where don't have permissions to do so.
(Set to auto-merge on approval.)