feat: Add private repo workflows permission API support#3679
feat: Add private repo workflows permission API support#3679gmlewis merged 10 commits intogoogle:masterfrom
Conversation
There was a problem hiding this comment.
Pull Request Overview
This pull request adds API support for managing private repository fork PR workflow permissions across repositories, organizations, and enterprises. It implements 6 new endpoints for getting and setting workflow permissions that control how fork pull requests can run workflows on private repositories.
- Adds
WorkflowsPermissionsstruct to represent fork PR workflow settings - Implements repository-level API methods for getting and setting private repo fork PR workflow settings
- Implements organization-level and enterprise-level API methods for the same functionality
Reviewed Changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| github/actions_workflows.go | Adds WorkflowsPermissions struct with four boolean fields for controlling fork PR workflow behavior |
| github/repos_actions_permissions.go | Implements repository-level GET and PUT methods for private repo fork PR workflow settings |
| github/actions_permissions_orgs.go | Implements organization-level GET and PUT methods for private repo fork PR workflow settings |
| github/actions_permissions_enterprise.go | Implements enterprise-level GET and PUT methods for private repo fork PR workflow settings |
| github/repos_actions_permissions_test.go | Adds comprehensive tests for the repository-level API methods |
| github/actions_permissions_orgs_test.go | Adds comprehensive tests for the organization-level API methods |
| github/actions_permissions_enterprise_test.go | Adds comprehensive tests for the enterprise-level API methods |
| github/github-accessors.go | Adds getter methods for the WorkflowsPermissions struct fields |
| github/github-accessors_test.go | Adds tests for the getter methods |
| github/github-stringify_test.go | Adds test for the String() method of WorkflowsPermissions |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #3679 +/- ##
==========================================
+ Coverage 91.09% 91.12% +0.03%
==========================================
Files 187 187
Lines 16578 16640 +62
==========================================
+ Hits 15102 15164 +62
Misses 1291 1291
Partials 185 185 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
gmlewis
left a comment
gmlewis
left a comment
There was a problem hiding this comment.
Thank you, @zyfy29!
LGTM.
Awaiting second LGTM+Approval from any other contributor to this repo before merging.
@alexandear or @stevehipwell - might you have time for a code review? Thank you!
| // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#set-private-repo-fork-pr-workflow-settings-for-an-enterprise | ||
| // | ||
| //meta:operation PUT /enterprises/{enterprise}/actions/permissions/fork-pr-workflows-private-repos | ||
| func (s *ActionsService) EditPrivateRepoForkPRWorkflowSettingsInEnterprise(ctx context.Context, enterprise string, permissions WorkflowsPermissions) (*Response, error) { |
There was a problem hiding this comment.
According to the doc, the body parameter run_workflows_from_fork_pull_requests is required. So, we can't reuse WorkflowsPermissions here because RunWorkflowsFromForkPullRequests has a pointer type *bool.
There was a problem hiding this comment.
Now I use a mixture of pointer and non-pointer fileds to address that. Thanks for your review!
github/actions_workflows.go
Outdated
| RunWorkflowsFromForkPullRequests *bool `json:"run_workflows_from_fork_pull_requests,omitempty"` | ||
| SendWriteTokensToWorkflows *bool `json:"send_write_tokens_to_workflows,omitempty"` | ||
| SendSecretsAndVariables *bool `json:"send_secrets_and_variables,omitempty"` | ||
| RequireApprovalForForkPrWorkflows *bool `json:"require_approval_for_fork_pr_workflows,omitempty"` |
There was a problem hiding this comment.
| RequireApprovalForForkPrWorkflows *bool `json:"require_approval_for_fork_pr_workflows,omitempty"` | |
| RequireApprovalForForkPRWorkflows *bool `json:"require_approval_for_fork_pr_workflows,omitempty"` | |
| // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#set-private-repo-fork-pr-workflow-settings-for-an-enterprise | ||
| // | ||
| //meta:operation PUT /enterprises/{enterprise}/actions/permissions/fork-pr-workflows-private-repos | ||
| func (s *ActionsService) EditPrivateRepoForkPRWorkflowSettingsInEnterprise(ctx context.Context, enterprise string, permissions *WorkflowsPermissionsOpt) (*Response, error) { |
There was a problem hiding this comment.
| func (s *ActionsService) EditPrivateRepoForkPRWorkflowSettingsInEnterprise(ctx context.Context, enterprise string, permissions *WorkflowsPermissionsOpt) (*Response, error) { | |
| func (s *ActionsService) UpdatePrivateRepoForkPRWorkflowSettingsInEnterprise(ctx context.Context, enterprise string, permissions *WorkflowsPermissionsOpt) (*Response, error) { |
I think update makes more sense than edit both here and in the wider context of the package API.
There was a problem hiding this comment.
I think you are right, @stevehipwell, thank you.
There was a problem hiding this comment.
That's OK, I'll rename it.
There was a problem hiding this comment.
Or may I open another pr to do that? For the permissons APIs above, methods have been named GetXXX and EditXXX where both GET and PUT methods are used for the same path. I think we better rename it all at once to keep consistency.
There was a problem hiding this comment.
OK, I renamed the methods implemented in this pr for now.
| }) | ||
| } | ||
|
|
||
| func TestActionsService_EditPrivateRepoForkPRWorkflowSettingsInOrganization(t *testing.T) { |
There was a problem hiding this comment.
| func TestActionsService_EditPrivateRepoForkPRWorkflowSettingsInOrganization(t *testing.T) { | |
| func TestActionsService_UpdatePrivateRepoForkPRWorkflowSettingsInOrganization(t *testing.T) { |
There was a problem hiding this comment.
Oh, I fix it. Thank you!
| }) | ||
| } | ||
|
|
||
| func TestActionsService_EditPrivateRepoForkPRWorkflowSettingsInEnterprise(t *testing.T) { |
There was a problem hiding this comment.
| func TestActionsService_EditPrivateRepoForkPRWorkflowSettingsInEnterprise(t *testing.T) { | |
| func TestActionsService_UpdatePrivateRepoForkPRWorkflowSettingsInEnterprise(t *testing.T) { |
|
Thank you, @zyfy29 , @stevehipwell , and @alexandear! |
4 participants
3rd Pull Request for #3660
Add support for the "Allowing workflows on fork pull requests in private repositories" APIs, covering 6 endpoints.