Skip to content

Fix to run check-docs-changes worflow in forks #1710

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Aug 21, 2024
Merged

Fix to run check-docs-changes worflow in forks #1710

merged 2 commits into from
Aug 21, 2024

Conversation

kumaranvpl
Copy link
Collaborator

@kumaranvpl kumaranvpl commented Aug 21, 2024
edited
Loading

Description

git-auto-commit-action does support updating fork PRs as specified here - stefanzweifel/git-auto-commit-action#211.

This fix has been taken from going through above issue and reading following links:

  1. https://github.com/stefanzweifel/git-auto-commit-action?tab=readme-ov-file#workflow-should-run-in-base-repository
  2. https://github.com/stefanzweifel/git-auto-commit-action-demo-app/pull/33/files
  3. https://github.com/sunpy/sunpy/blob/cb2674931dc7529a86c8023eefc152b933adf03f/.github/workflows/changelog_bot.yml

@Lancetnik GitHub notifies that using pull_request_target could be potentially unsafe and could expose secrets - https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/. But GitHub also mentions that it is fine to use pull_request_target to update PR with stuff like adding label, adding comment, etc.

I believe for our use case, which is updating docs in PR, we could use pull_request_target in check-docs-changes CI job. Please keep in mind that we shouldn't use pull_request_target anywhere else.

I have observed that FastAPI also uses pull_request_target in its workflows for automation cases like our case.

Finally, this solution works for fork PRs. I have created a PR in which I have added a dummy file with a dummy class - #1709. I created my PR to this current branch(fix-update-api-docs-action) instead of main branch. check-docs-changes ran successfuly https://github.com/airtai/faststream/actions/runs/10487467300/job/29047872884 and added docs changes as new commit - https://github.com/airtai/faststream/pull/1709/commits

Fixes #1705

Type of change

Please delete options that are not relevant.

  • Documentation (typos, code examples, or any documentation updates)
  • Bug fix (a non-breaking change that resolves an issue)
  • New feature (a non-breaking change that adds functionality)
  • Breaking change (a fix or feature that would disrupt existing functionality)
  • This change requires a documentation update

Checklist

  • My code adheres to the style guidelines of this project (scripts/lint.sh shows no errors)
  • I have conducted a self-review of my own code
  • I have made the necessary changes to the documentation
  • My changes do not generate any new warnings
  • I have added tests to validate the effectiveness of my fix or the functionality of my new feature
  • Both new and existing unit tests pass successfully on my local environment by running scripts/test-cov.sh
  • I have ensured that static analysis tests are passing by running scripts/static-analysis.sh
  • I have included code examples to illustrate the modifications

@kumaranvpl kumaranvpl requested a review from Lancetnik August 21, 2024 10:00
@Lancetnik Lancetnik added this pull request to the merge queue Aug 21, 2024
Merged via the queue into main with commit ce092e6 Aug 21, 2024
26 checks passed
@Lancetnik Lancetnik deleted the fix-update-api-docs-action branch August 21, 2024 11:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Lancetnik Lancetnik Lancetnik approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Fix generate API docs workflow in fork PRs
2 participants
@kumaranvpl @Lancetnik