begriffs open source - cmsis/commit
Two-tier approach to overcome GitHub permission restriction
author Samuel Pelegrinello Caipers <71756456+spcaipers-arm@users.noreply.github.com>
Thu, 10 Nov 2022 17:06:03 +0000 (17:06 +0000)
committer GitHub <noreply@github.com>
Thu, 10 Nov 2022 17:06:03 +0000 (18:06 +0100)
commit d8b149e363f89875aba11e57b2dea8f8c053fd0e
tree a9c9018d0dd7dca595699de368f49a82ace56521
parent 6d8ba53dcfbd95db08923892856907788273e165
Two-tier approach to overcome GitHub permission restriction

Using a two-tier approach to overcome GitHub permission restriction
on pull request-based runs.

The caller-corevalidation.yml is triggered by PRs (with limited
permission if forked); it collects the PR number to be passed to the
called corevalidation.yml (this run has full permissions, e.g.
to assume-role and consume secrets).

The corevalidation workflow will feed back on its status to the PR
with a "CoreValidation" check name.

Caveat: The corevalidation.yml code is, by GH design, run from
the base branch, not from the PR. So, changes to the integration-test.yml
file only take effect when merged to the base branch (e.g. main).
.github/workflows/caller-corevalidation.yml [new file with mode: 0644]
.github/workflows/corevalidation.yml
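
An added sketch of the two-tier layout the commit message describes, not the contents of the commit's own files. The artifact hand-off, the workflow and job names, the `pr_number` file and the permission sets are assumptions; the point shown is that the privileged tier treats the PR number as untrusted input.

```yaml
# Tier 1 (assumed shape of caller-corevalidation.yml).
# Runs in the PR context: read-only token, no secrets for forked PRs.
name: Caller CoreValidation          # hypothetical workflow name
on:
  pull_request:
permissions:
  contents: read
jobs:
  record-pr:                         # hypothetical job name
    runs-on: ubuntu-latest
    steps:
      - name: Save PR number
        run: echo "${{ github.event.pull_request.number }}" > pr_number
      - uses: actions/upload-artifact@v4
        with:
          name: pr_number
          path: pr_number
---
# Tier 2 (assumed shape of corevalidation.yml).
# Triggered by completion of tier 1; the workflow file is taken from the
# base branch, so a PR cannot alter what runs with full permissions.
name: CoreValidation
on:
  workflow_run:
    workflows: ["Caller CoreValidation"]
    types: [completed]
permissions:
  actions: read                      # needed to read the caller's artifact
  checks: write                      # to report the "CoreValidation" check
  contents: read
jobs:
  validate:                          # hypothetical job name
    runs-on: ubuntu-latest
    steps:
      - uses: actions/download-artifact@v4
        with:
          name: pr_number
          run-id: ${{ github.event.workflow_run.id }}
          github-token: ${{ github.token }}
      - name: Validate PR number before use
        run: |
          pr="$(cat pr_number)"
          # The artifact was produced by an untrusted run: digits only.
          case "$pr" in ''|*[!0-9]*) echo "bad PR number" >&2; exit 1 ;; esac
          echo "PR_NUMBER=$pr" >> "$GITHUB_ENV"
```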