Remove backing web app #103
Comments
|
I don't think it's simple or feasible migrating to this as it requires a human to change the action format. I think we should fork this repo and create a fresh action with new instructions. |
|
That's an option as well. Just so we're on the same line, to the best of my understanding this would require a change in the workflow yml file where this action is used, to include a permissions entry which gives the github token pull request write permissions. This change could be easily scriptable in most scenarios. |
|
How is it scriptable? Could the current action make the change on its own to all the repos it is installed on? Would it be the right thing to do? |
|
The action cannot do this change itself, it's the workflow's yml file that needs to change to include additional configuration. It can be scripted in the sense that a script could go around and update all the workflows where the action is being used, at least within the fastify organization. |
|
+1 on the script! Could you make sure (without any modifications to the action file) that this action is not self-updating to the next major? I would like to prevent a scenario where we break all our users without giving them time to upgrade. |
Regarding this aspect, I wrote an automation-migration script: It needs to be run locally and it will update all the repositories listed in this file: |
Prerequisites
🚀 Feature Proposal
GitHub announced that dependabot will now respect the GITHUB_TOKEN permissions configured in workflows.
https://github.blog/changelog/2021-10-06-github-actions-workflows-triggered-by-dependabot-prs-will-respect-permissions-key-in-workflows/
Because of this, there's a good chance that this action won't need the backing web app it's currently using and can be rewritten as a plain, self-contained action.
Motivation
No response
Example
No response
The text was updated successfully, but these errors were encountered: