Help
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
GitHub Staff
Message 11 of 33

Re: Github Workflow not running from pull request from forked repository

Currently we do not support running PRs from forks for private repos as we are trying to figure out some of the security issues associated with that.  This is something we are looking to address by GA.

Highlighted
Pilot Lvl 1
Message 12 of 33

Re: Github Workflow not running from pull request from forked repository

Dear @chrispat  ,  Thank you for your response.

 

For Open Source Projects,  Currently lot of actions  such as coverallslabeller, unit tests, doesn't work and fails with *Resource Not Accessible by Integrationerror, for the Pr coming from Forked repos. This is because The permissions for the GITHUB_TOKEN in forked repositories is read-only for all the events. As we are getting more than 90 %  of the contributions from the Forked Repositories, I'd like to use the above mentioned actions for showing up code coverage, labeller, unit tests in the Pull_request_comment. I think If there is a way to trigger the workflow in the upstream branch for this use-case, then This problem can be solved, or there should be read/write access at least for the Pull Request (access by forked repositories) as this is not critical and won't have write access to the content of the base repository.  

Screen Shot 2019-10-02 at 12.10.06.png

 

 

As I already mentioned, since we get contributions only from the forked repos, this is a must have feature. Others have already reported in multiple other discussions and please tell us if there is any workaround solution to enable action commenting on the PR  coming from the forked repositories. 

Thanks in Advance. 

Highlighted
Copilot Lvl 3
Message 13 of 33

Re: Github Workflow not running from pull request from forked repository

"Looking to address by GA"

 

What is GA in this context?

 

Thanks for keeping us updated- we are also unable to make use of Actions on our corporate repos until this is resolved.

Highlighted
Ground Controller Lvl 2
Message 14 of 33

Re: Github Workflow not running from pull request from forked repository

GA = General Availability

Highlighted
Copilot Lvl 3
Message 15 of 33

Re: Github Workflow not running from pull request from forked repository

What about running PR from fork/branchA to fork/branchB? Original repo is not touched in this case. Fork is public. Is it bug or somehow affected by security reasons?

Highlighted
Ground Controller Lvl 2
Message 16 of 33

Re: Github Workflow not running from pull request from forked repository

What a pity - we are going to upgrade our organization to `GitHub Team` level, but this feature is very very desirable, since we manage our repos changes using PR's from forked repos. Any idea when `pull-request` event for private repos forks will work?

Highlighted
Copilot Lvl 2
Message 17 of 33

Re: Github Workflow not running from pull request from forked repository

EDIT:

Currently we do not support running PRs from forks for private repos as we are trying to figure out some of the security issues associated with that.  This is something we are looking to address by GA.

 

This is the case for public repositories too right? Forks only have a RO  access token hence merging of PRs or addition/removal of labels cannot be automated. However, according to Github documentation, pull_request events are triggered for the base repo ONLY and hence this workflow could theoretically be automated. So was this change to block events to base repository intended? If so can this be regarded as a  temporary change until a proper security solution is found?

Highlighted
Copilot Lvl 3
Message 18 of 33

Re: Github Workflow not running from pull request from forked repository

@chrispat with General Availability fast approaching, I was wondering how sorting out the security issues for private repos was progressing.

Highlighted
GitHub Staff
Message 19 of 33

Re: Github Workflow not running from pull request from forked repository

Unfortuately we were not able to addres the private repo and private fork scneario.  It is something we still do plan to address but I do not have a delivery date at the moment.

Highlighted
Pilot Lvl 1
Message 20 of 33

Re: Github Workflow not running from pull request from forked repository

@chrispat Thank you for the update. Were you able to address this https://github.community/t5/GitHub-Actions/Github-Workflow-not-running-from-pull-request-from-forked... critical issue for PR coming from the forked repo with a security model in place ??..