Skip to content

Commit 959ba72

Browse files
author
Michael DiPietro
committed
allowing some secret access with target workflows
bug: T295754
1 parent 7b58fb0 commit 959ba72

File tree

6 files changed

+15
-11
lines changed

6 files changed

+15
-11
lines changed

.github/workflows/jobber.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,14 @@
11
name: build and push jobber
22

33
on:
4-
pull_request:
4+
pull_request_target:
55
paths:
66
- images/jobber/**
77

88
jobs:
99
build-and-push:
1010
name: build and push jobber
11-
uses: toolforge/github-actions/.github/workflows/build-and-push.yaml@build-and-push-v1
11+
uses: toolforge/github-actions/.github/workflows/build-and-push.yaml@build-and-push-v2
1212
with:
1313
imagename: jobber
1414
secrets:

.github/workflows/nbserve.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,14 @@
11
name: build and push nbserve
22

33
on:
4-
pull_request:
4+
pull_request_target:
55
paths:
66
- images/nbserve/**
77

88
jobs:
99
build-and-push:
1010
name: build and push nbserve
11-
uses: toolforge/github-actions/.github/workflows/build-and-push.yaml@build-and-push-v1
11+
uses: toolforge/github-actions/.github/workflows/build-and-push.yaml@build-and-push-v2
1212
with:
1313
imagename: nbserve
1414
secrets:

.github/workflows/paws-hub.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,14 @@
11
name: build and push paws-hub
22

33
on:
4-
pull_request:
4+
pull_request_target:
55
paths:
66
- images/paws-hub/**
77

88
jobs:
99
build-and-push:
1010
name: build and push paws-hub
11-
uses: toolforge/github-actions/.github/workflows/build-and-push.yaml@build-and-push-v1
11+
uses: toolforge/github-actions/.github/workflows/build-and-push.yaml@build-and-push-v2
1212
with:
1313
imagename: paws-hub
1414
secrets:

.github/workflows/renderer.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,14 @@
11
name: build and push renderer
22

33
on:
4-
pull_request:
4+
pull_request_target:
55
paths:
66
- images/renderer/**
77

88
jobs:
99
build-and-push:
1010
name: build and push renderer
11-
uses: toolforge/github-actions/.github/workflows/build-and-push.yaml@build-and-push-v1
11+
uses: toolforge/github-actions/.github/workflows/build-and-push.yaml@build-and-push-v2
1212
with:
1313
imagename: renderer
1414
secrets:

.github/workflows/singleuser.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,15 @@
11
name: build and push singleuser
22

33
on:
4-
pull_request:
4+
pull_request_target:
55
paths:
66
- images/singleuser/**
77

88

99
jobs:
1010
build-and-push:
1111
name: build and push singleuser
12-
uses: toolforge/github-actions/.github/workflows/build-and-push.yaml@build-and-push-v1
12+
uses: toolforge/github-actions/.github/workflows/build-and-push.yaml@build-and-push-v2
1313
with:
1414
imagename: singleuser
1515
secrets:

.github/workflows/update-container-tags.yaml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
name: update container tags
22

33
on:
4-
pull_request:
4+
pull_request_target:
55

66
jobs:
77
update-container-tags:
@@ -10,10 +10,14 @@ jobs:
1010
- uses: actions/checkout@v2
1111
with:
1212
token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
13+
repository: ${{ github.event.pull_request.head.repo.full_name }}
1314

1415
- name: git fetch
1516
run: |
1617
git fetch
18+
- name: git checkout
19+
run: |
20+
git checkout ${{ github.head_ref }}
1721
1822
# Github actions doesn't have much in the way of loops. Using a matrix results
1923
# in multiple separate jobs being run, which will try to overwrite one another.

0 commit comments

Comments
 (0)