Skip to content

Fork Deployment Safety 🔒 #331

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 11 commits into from
Dec 6, 2024
Merged

Fork Deployment Safety 🔒 #331

merged 11 commits into from
Dec 6, 2024

Conversation

GrantBirki
Copy link
Member

@GrantBirki GrantBirki commented Dec 5, 2024

Fork Deployment Safety

This pull request is a continuation of safety measures being applied to this Action to make sure it is as safe and reliable as possible!

Forks are the lifeblood of the open source ecosystem. However, they should be treated as untrusted by default until they can be reviewed and approved. If you have a project using this Action in an open source nature, you might receive a pull request originating from a fork. Using the default setup of this Action, it respects your branch protection settings if you were to .deploy that PR fork. This means that if you don't require any reviews, you will deploy that fork. This is inherently risky and this PR helps to protect us a bit more when deploying PR forks in the wild (if even applicable).

If your branch protection settings (or rulesets) require that a PR must have an approval then this Action will respect that and reject deployments that don't meet that criteria. However, there are a few edge cases where you could bypass those protections:

  • If you configure yourself as an admin of this Action then you can bypass reviews and deploy a PR without them.
  • If you configure skip_reviews on an environment, then you can also skip reviewing a PR or a PR fork before it can be deployed

Both of these avenues will no longer exist after this PR merges. Forks will be treated with highest level of restrictions when being deployed by this Action. Admins will now be required to comply with required reviews (on deploys of forks) and skip_reviews will no longer apply to forks (meaning that you cannot skip reviews on forks - they are now mandatory). Both .deploy and .noop deployments will be impacted by this change. In the past, .noop deployments did not require a review at all, but now they do (for forks). These changes will not effect normal PRs that don't originate from forks.

@GrantBirki GrantBirki added the enhancement New feature or request label Dec 5, 2024
@GrantBirki GrantBirki requested a review from Copilot December 6, 2024 19:23
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot reviewed 9 out of 9 changed files in this pull request and generated no suggestions.

Comments skipped due to low confidence (1)

src/functions/prechecks.js:81

  • The comment should be more descriptive to explain why the forkBypass is set to true. Suggestion: 'Setting forkBypass to true because the stable branch is being used as the deployment target, even though the command is executed on a fork.'
forkBypass = true // even though this command is taking place on a fork, the stable branch is the one being used as the deployment target

Tip: Copilot code review supports C#, Go, Java, JavaScript, Markdown, Python, Ruby and TypeScript, with more languages coming soon. Learn more

@GrantBirki GrantBirki merged commit 0c15b9a into main Dec 6, 2024
4 checks passed
@GrantBirki GrantBirki deleted the fork-deployment-safety branch December 6, 2024 19:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant