New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[feature] ok-to-test allows testing on forked branches with secrets #320
Conversation
Co-authored-by: Ryan King <rking@chanzuckerberg.com>
private_key: ${{ secrets.OK_TO_TEST_PRIVATE_KEY }} | ||
|
||
- name: Slash Command Dispatch | ||
uses: peter-evans/slash-command-dispatch@v1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
there's a v2 for this action, I wonder if worth upgrading (either now or subsequent pr)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should try using v1
first and then try with v2
since I'm expecting some other things might need to change besides the version number.
issue-type: pull-request | ||
commands: ok-to-test | ||
named-args: true | ||
permission: write |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wonder how we verify this is enforced
Co-authored-by: Eduardo Lopez <elopez@chanzuckerberg.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm 🎉
idk if @ryanking wants to take a pass
References:
https://github.com/imjohnbo/ok-to-test
Method:
Copied over the
.github/workflows
files and modified to use the preferred method of authentication:Preferred: GitHub App installation access token with contents: write and metadata: read permissions
We had to follow these instructions to create a new Github App for the
chanzuckerberg
organization, not a personal account app. We were able to create and use theapp id
in the app settings and a private key after creating the app. Both are stored in Github secrets now. We changed the githash condition to be more strict than the one written in the original project.