Help
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
GitHub Staff
Message 21 of 33

Re: Github Workflow not running from pull request from forked repository

We have work going on to enable that scneario but the changes where deeper than just the actions token for a number of reasons.  I expect we will ship that before the end of the year.

Highlighted
Pilot Lvl 1
Message 22 of 33

Re: Github Workflow not running from pull request from forked repository

that will be great and thank you very much for the update ..

Highlighted
Copilot Lvl 3
Message 23 of 33

Re: Github Workflow not running from pull request from forked repository

Hey, @chrispat, do you have anything to share with us? Github Actions will be GAd in a couple of days, right? (Github Universe 2019)?

Highlighted
GitHub Staff
Message 24 of 33

Re: Github Workflow not running from pull request from forked repository

This is not something we have been able to solve yet unfortuately.  

Highlighted
Copilot Lvl 3
Message 25 of 33

Re: Github Workflow not running from pull request from forked repository

wow, talking about timing, just saw you just replied. I may be oversimplifying things, but if we are concerned on bad actors changing GitHub actions via PR and leak secrets, why not just prohibit all forks from editing a GitHub action? That way, it's impossible for a bad actor maliciously to change a GitHub action. My issue is PR not being triggered via forks. If it's read-only then problem solved right?Annotation 2019-11-13 064905.jpg

Highlighted
Ground Controller Lvl 1
Message 26 of 33

Re: Github Workflow not running from pull request from forked repository

@thisguychris No it's not solved since you could still leak secrets from the code that's being tested.

Highlighted
Copilot Lvl 3
Message 27 of 33

Re: Github Workflow not running from pull request from forked repository

@bbenoist Again my question is if the secrets are leaking, why does it run on public repos? When you do a PR on a public repo, the action does get triggered. If it's a security issue shouldn't it be disabled as well?

Highlighted
Copilot Lvl 2
Message 28 of 33

Re: Github Workflow not running from pull request from forked repository

Looking forward to hear news about this.

Highlighted
Pilot Lvl 1
Message 29 of 33

Re: Github Workflow not running from pull request from forked repository

Dear @chrispat , 

Is there any update which you would like to share with us  on the GITHUB_ACCESS Token for the Pull Request coming from the forks ?. 

Highlighted
Copilot Lvl 2
Message 30 of 33

Re: Github Workflow not running from pull request from forked repository

This is a must have, as this adds a manual step for reviewers to check action execution results on the forked repo.