@hiroshinishio
Contributor

No description provided.

@hiroshinishio hiroshinishio merged commit a370e2f into main Nov 27, 2024
1 check failed
@hiroshinishio hiroshinishio deleted the wes branch November 27, 2024 08:01
@sourcery-ai sourcery-ai bot left a comment

Hey @hiroshinishio - I've reviewed your changes and found some issues that need to be addressed.

Blocking issues:

  • Consider adding a condition to ensure pull request deployments only run on PRs from the same repository (link)

Overall Comments:

  • Consider adding the dependency installation step for production deployments as well to maintain consistency between environments
Here's what I looked at during the review
  • 🟢 General issues: all looks good
  • 🔴 Security: 1 blocking issue
  • 🟢 Testing: all looks good
  • 🟢 Complexity: all looks good
  • 🟢 Documentation: all looks good

Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

name: Deploy Forge App to Jira

on:
  pull_request:
🚨 suggestion (security): Consider adding a condition to ensure pull request deployments only run on PRs from the same repository

Pull requests from forks could potentially expose sensitive deployment credentials. Add 'if: github.event.pull_request.head.repo.full_name == github.repository' to the job level.
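
Where the suggested condition goes in a workflow like this one, as an added example that is not part of the pull request or the review. Only the workflow name, the `pull_request` trigger and the `if:` expression come from the page; the job name, steps, secret names and Forge environment are assumptions.

```yaml
name: Deploy Forge App to Jira

on:
  pull_request:

# Keep the workflow token read-only; the deployment uses its own credentials.
permissions:
  contents: read

jobs:
  deploy-staging:            # hypothetical job name
    # Job-level guard from the review comment: the job is skipped when the
    # PR head branch lives in a fork, so fork-authored code never reaches
    # the steps that handle deployment credentials.
    if: github.event.pull_request.head.repo.full_name == github.repository
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version: 20

      # Assumed install steps; the page does not show the real ones.
      - run: npm ci
      - run: npm install -g @forge/cli

      # Credentials are scoped to the one step that needs them instead of
      # the whole job. The secret names are assumptions.
      - name: Deploy to staging
        run: forge deploy --environment staging
        env:
          FORGE_EMAIL: ${{ secrets.FORGE_EMAIL }}
          FORGE_API_TOKEN: ${{ secrets.FORGE_API_TOKEN }}
```

A job skipped by the `if:` condition is reported as skipped rather than failed, so fork pull requests still get a clean check status.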
