-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove backing web app #103
Comments
I don't think it's simple or feasible migrating to this as it requires a human to change the action format. I think we should fork this repo and create a fresh action with new instructions. |
That's an option as well. Just so we're on the same line, to the best of my understanding this would require a change in the workflow yml file where this action is used, to include a permissions entry which gives the github token pull request write permissions. This change could be easily scriptable in most scenarios. |
How is it scriptable? Could the current action make the change on its own to all the repos it is installed on? Would it be the right thing to do? |
The action cannot do this change itself, it's the workflow's yml file that needs to change to include additional configuration. It can be scripted in the sense that a script could go around and update all the workflows where the action is being used, at least within the fastify organization. |
+1 on the script! Could you make sure (without any modifications to the action file) that this action is not self-updating to the next major? I would like to prevent a scenario where we break all our users without giving them time to upgrade. |
Regarding this aspect, I wrote an automation-migration script: It needs to be run locally and it will update all the repositories listed in this file: |
Prerequisites
🚀 Feature Proposal
GitHub announced that dependabot will now respect the GITHUB_TOKEN permissions configured in workflows.
https://github.blog/changelog/2021-10-06-github-actions-workflows-triggered-by-dependabot-prs-will-respect-permissions-key-in-workflows/
Because of this, there's a good chance that this action won't need the backing web app it's currently using and can be rewritten as a plain, self-contained action.
Motivation
No response
Example
No response
The text was updated successfully, but these errors were encountered: