Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable CI runs on external PRs #243

Closed
aherrmann opened this issue Jul 6, 2022 · 1 comment · Fixed by #276
Closed

Enable CI runs on external PRs #243

aherrmann opened this issue Jul 6, 2022 · 1 comment · Fixed by #276
Assignees
@bryanhonof
Labels
good first issue P2 major: an upcoming release type: feature request

Comments

@aherrmann
Copy link
Member

Enable CI runs on PRs coming from forks. As discussed in #236 (comment) this is currently not possible because the BuildBuddy secret cannot be exposed to actions run from forks and the run fails due to missing credentials.

Ideally, we'd find a way to configure a read-only token for actions run from forks while using a read-write token for internal runs.

Short of that, we could simply run without BuildBuddy at all for actions triggered from forks.
@aherrmann aherrmann added P2 major: an upcoming release type: feature request labels Jul 6, 2022
@aherrmann aherrmann mentioned this issue Jul 6, 2022
Merged
@bryanhonof
Copy link
Contributor

I think we could combine the "Auth file", and read-only keys to achieve this. Perhaps have the CI try and generate a file in the CI when the read-write secrets exists, and otherwise fall-back on this read-only key that could just live in source control itself. Or have the read-only "auth-file" be the default, and have the CI overwrite it when the read-write one is available?

@bryanhonof bryanhonof self-assigned this Jul 7, 2022
This was referenced Jul 8, 2022
Closed
Open
bryanhonof added a commit that referenced this issue Jul 12, 2022
@bryanhonof
refactor(bazelrc): Add pr and ci configs
46513f7 
This is the beginning of trying to make PRs work.

Refs: #243
bryanhonof added a commit that referenced this issue Jul 13, 2022
@bryanhonof
feature(ci): Add PR workflow
02b56fd 
This workflow will use the cache, without uploading the local results to
BuildBuddy. This should avoid the error we currently get when a API key
isn't supplied to the job.

Ref: #243
@bryanhonof bryanhonof mentioned this issue Jul 13, 2022
Closed
@aherrmann aherrmann mentioned this issue Aug 29, 2022
Merged
@avdv avdv mentioned this issue Nov 7, 2022
Merged
@mergify mergify bot closed this as completed in #276 Nov 7, 2022
@benradf benradf mentioned this issue Aug 3, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bryanhonof bryanhonof

Labels
good first issue P2 major: an upcoming release type: feature request
Projects
None yet
Milestone
No milestone
2 participants
@aherrmann @bryanhonof