Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Include the GITHUB_TOKEN/GITEA_TOKEN secret for fork pull requests #26759

Merged
merged 12 commits into from
Aug 29, 2023
Merged

Include the GITHUB_TOKEN/GITEA_TOKEN secret for fork pull requests #26759

Changes from 1 commit
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
897fffe
Include the GITHUB_TOKEN/GITEA_TOKEN secret for fork pull requests
js6pak Aug 27, 2023
0a13adf
Apply suggestions from code review
wolfogre Aug 29, 2023
a049dd8
Merge branch 'main' into pr-github-token
GiteaBot Aug 29, 2023
184f7c5
Merge branch 'main' into pr-github-token
GiteaBot Aug 29, 2023
52bd256
Merge branch 'main' into pr-github-token
GiteaBot Aug 29, 2023
e148271
Merge branch 'main' into pr-github-token
GiteaBot Aug 29, 2023
45e6b41
Merge branch 'main' into pr-github-token
GiteaBot Aug 29, 2023
81ea592
Merge branch 'main' into pr-github-token
GiteaBot Aug 29, 2023
a76301a
Merge branch 'main' into pr-github-token
GiteaBot Aug 29, 2023
876c278
Merge branch 'main' into pr-github-token
GiteaBot Aug 29, 2023
f151fd5
Merge branch 'main' into pr-github-token
GiteaBot Aug 29, 2023
595bb0e
Merge branch 'main' into pr-github-token
GiteaBot Aug 29, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 8 additions & 7 deletions routers/api/actions/runner/utils.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,14 @@ func pickTask(ctx context.Context, runner *actions_model.ActionRunner) (*runnerv

func getSecretsOfTask(ctx context.Context, task *actions_model.ActionTask) map[string]string {
secrets := map[string]string{}

if _, ok := secrets["GITHUB_TOKEN"]; !ok {
secrets["GITHUB_TOKEN"] = task.Token
}
if _, ok := secrets["GITEA_TOKEN"]; !ok {
secrets["GITEA_TOKEN"] = task.Token
}

if task.Job.Run.IsForkPullRequest && task.Job.Run.TriggerEvent != actions_module.GithubEventPullRequestTarget {
// ignore secrets for fork pull request
// for the tasks triggered by pull_request_target event, they could access the secrets because they will run in the context of the base branch
Expand Down Expand Up @@ -82,13 +90,6 @@ func getSecretsOfTask(ctx context.Context, task *actions_model.ActionTask) map[s
}
}

if _, ok := secrets["GITHUB_TOKEN"]; !ok {
secrets["GITHUB_TOKEN"] = task.Token
}
if _, ok := secrets["GITEA_TOKEN"]; !ok {
secrets["GITEA_TOKEN"] = task.Token
}

return secrets
}

Expand Down