Skip to content

Update Github Actions to secure pull request workflows from forks #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dkozma opened this issue May 16, 2022 · 2 comments
Open

Update Github Actions to secure pull request workflows from forks #13

dkozma opened this issue May 16, 2022 · 2 comments
Assignees
@emensch @dkozma
Labels
testing tooling

Comments

@dkozma
Copy link

dkozma commented May 16, 2022

Right now, secrets are not shared for forks on GitHub Actions, which is breaking pull request validations on forked repos. For now, we will be making branches on the local repo, however we should be using the pull_request_target workflow and conditionally running actions as discussed here: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
@dkozma dkozma mentioned this issue May 16, 2022
Closed
10 tasks
@crandmck
Copy link
Collaborator

@adobe export issue to Jira project CAI

@github-jira-sync-bot
Copy link
Collaborator

✅ Jira issue https://jira.corp.adobe.com/browse/CAI-3376 is successfully created for this GitHub issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@emensch emensch

@dkozma dkozma

Labels
testing tooling
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@emensch @crandmck @dkozma @github-jira-sync-bot