[all-commits] [llvm/llvm-project] 91fdb2: workflows: Split new-prs into two workflows
Tom Stellard via All-commits
all-commits at lists.llvm.org
Fri Sep 8 22:10:16 PDT 2023
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: 91fdb20915696ab955be0baea18b976717e370b9
https://github.com/llvm/llvm-project/commit/91fdb20915696ab955be0baea18b976717e370b9
Author: Tom Stellard <tstellar at redhat.com>
Date: 2023-09-08 (Fri, 08 Sep 2023)
Changed paths:
M .github/workflows/new-prs.yml
A .github/workflows/pr-receive.yml
Log Message:
-----------
workflows: Split new-prs into two workflows
We cannot use the default github token for labeling PRs, because this
will not trigger the PR Subscriber job. However, we weren't allowed to
use a different token via a secret, because secrets aren't allowed
in PR workflows.
The solution is to create two workflows, the first accepts the
pull_request_taget event extracts the PR number and then starts
the second workflow which adds the labels to the PRs.
This separation ensures that nothing malicious in the first workflow is
able to access the secret we use in the second workflow.
More information about the All-commits
mailing list