diff options
| author | Silvan Mosberger <silvan.mosberger@tweag.io> | 2023-09-11 14:02:06 +0200 |
|---|---|---|
| committer | Silvan Mosberger <silvan.mosberger@tweag.io> | 2023-09-11 14:27:42 +0200 |
| commit | 437d00dde346bdd596ffe2686ec4ba67e01fde65 (patch) | |
| tree | ac2ea02d88b6921378f77fb5ed9a76011b648b72 /.github | |
| parent | d1ec027cb19fed7d725f318dea5f671349702e14 (diff) | |
workflows/check-by-name: Make runnable without approval
Co-Authored-By: zowoq <59103226+zowoq@users.noreply.github.com>
Diffstat (limited to '.github')
| -rw-r--r-- | .github/workflows/check-by-name.yml | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/.github/workflows/check-by-name.yml b/.github/workflows/check-by-name.yml index da39846df4081..7a3598dbe2a4b 100644 --- a/.github/workflows/check-by-name.yml +++ b/.github/workflows/check-by-name.yml @@ -3,8 +3,10 @@ name: Check pkgs/by-name # The pre-built tool is fetched from a channel, -# making it work predictable on all PRs -on: pull_request +# making it work predictable on all PRs. +on: + # Using pull_request_target instead of pull_request avoids having to approve first time contributors + pull_request_target # The tool doesn't need any permissions, it only outputs success or not based on the checkout permissions: {} @@ -16,6 +18,9 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + with: + # pull_request_target checks out the base branch by default + ref: refs/pull/${{ github.event.pull_request.number }}/merge - uses: cachix/install-nix-action@v23 - name: Determining channel to use for dependencies run: | |