Remove broken github actions workflow#4673
Merged
1ucian0 merged 1 commit intoQiskit:masterfrom Jul 9, 2020
Merged
Conversation
In Qiskit#4544 a github action workflow was added to attempt to automate leaving a comment on PRs that made changes to the matplotlib with a link to a jupyter environment running in binder that will show a visual diff of the changes being made. But this workflow can't work for PRs opened from forks (which is most of them) because the permissions for the github actions workflow only allows reading from the github api [1] and will not be able to leave comments. This is done for obvious security reasons because a job triggered by an external fork can run arbitrary code so you don't want to give any elevated permissions until the code has been verified. Since this approach will never be viable using github actions (or a similar ci platform) this commit removes the job.
1ucian0
approved these changes
Jul 9, 2020
faisaldebouni
pushed a commit
to faisaldebouni/qiskit-terra
that referenced
this pull request
Aug 5, 2020
In Qiskit#4544 a github action workflow was added to attempt to automate leaving a comment on PRs that made changes to the matplotlib with a link to a jupyter environment running in binder that will show a visual diff of the changes being made. But this workflow can't work for PRs opened from forks (which is most of them) because the permissions for the github actions workflow only allows reading from the github api [1] and will not be able to leave comments. This is done for obvious security reasons because a job triggered by an external fork can run arbitrary code so you don't want to give any elevated permissions until the code has been verified. Since this approach will never be viable using github actions (or a similar ci platform) this commit removes the job.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
In #4544 a github action workflow was added to attempt to automate
leaving a comment on PRs that made changes to the matplotlib with a link
to a jupyter environment running in binder that will show a visual diff
of the changes being made. But this workflow can't work for PRs opened
from forks (which is most of them) because the permissions for the
github actions workflow only allows reading from the github api [1]
and will not be able to leave comments. This is done for obvious
security reasons because a job triggered by an external fork can run
arbitrary code so you don't want to give any elevated permissions until
the code has been verified. Since this approach will never be viable
using github actions (or a similar ci platform) this commit removes the
job.
Details and comments
[1] https://docs.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token#permissions-for-the-github_token