-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Publish workflow cannot push to protected branch #341
Comments
I suggest we go with the first option and use @gmrigna github user for this so we don't screw things up? We can also unprotect the master since it does require signed commits, which are hard to do from terminal client. |
How does that work with signing on and security in the context of our Action?
Not a fan of this. Maybe instead we can create a bot OPTIMADE-dev user? |
It would just use a personal access token that @gmrigna would have to make and put in secrets. It would have no use outside of actions. Making a bot user is not much different. It's just another account for someone to maintain and bot accounts are generally neglected. |
Right, PAT should work - true. |
No, we just add @gmrigna as an exception to the normal protection rules. Have him put his PAT in as a secret, and just switch that commit action to use the PAT in the secret. |
Well if that works and the two-layered security of a valid username+PAT works, then that would be an implementable solution for sure. |
This has been solved by the newest edition of the publish workflow, utilizing the action |
The publish workflow fails due to an attempt at pushing to a protected branch.
Possible solutions:
The first option may be dangerous, since it will open up the possibility of a user force pushing to
master
without our consent.The second option fails to be a "one-button-option".
The text was updated successfully, but these errors were encountered: