New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Build PRs from forks #10
Comments
-- @zimbatm Thanks :) |
If you have push access, you can already declare trust in the external commit by pushing it to a branch in the repository that has CI configured for it. For example I just did:
Which is of course painful to use all the time, but does the job today until we have an actual feature to make this easy as a click of a button. |
Could we do something like ask the Github API for a list of users who have merge rights and then trust branches from their forks? |
@michaelpj Seems feasible. |
Just ran into this again. |
Just ran into this. This is a really necessary feature for some organizations. Plutonomicon/plutarch-plutus#30 |
I prefer this workaround: # get $rev from tip of branch from fork
git fetch origin $rev # This works even if it's on a fork
git push origin "$rev:refs/heads/tmpbranch"
git push origin :tmpbranch |
This is a major condrum... i read this and just wanted to run away from random github users having and kind of CI access! this is why we can't have nice things. |
Currently, Hercules CI will only build from branches in the actual configured repo, therefore trusting collaborators (push access).
This provides basic protection against malevolent PRs but reduces the usefulness for open source users.
Potential improvements
N.B. this is a discussion of features that are not currently planned. Reactions/comments are welcome.
The text was updated successfully, but these errors were encountered: