Skip to content

fix: separate safe permission check job and ci job#5460

Merged
junpuf merged 4 commits intomainfrom
dummy
Nov 7, 2025
Merged

fix: separate safe permission check job and ci job#5460
junpuf merged 4 commits intomainfrom
dummy

Conversation

@junpuf
Copy link
Contributor

@junpuf junpuf commented Nov 7, 2025
edited
Loading

  • PR Permission Gate workflow will be executed using base branch instead of using PR branch, which prevents malicious user from modifying the PR Permission Gate workflow itself to bypass the check.
  • Makes PR Permission Gate workflow a required workflow using branch protection rule.
  • CI workflow now react directly to pull-request event.

@junpuf
dummy change
8350091 
Signed-off-by: Junpu Fan <junpu@amazon.com>
@aws-deep-learning-containers-ci aws-deep-learning-containers-ci bot added authorized Size:XS Determines the size of the PR labels Nov 7, 2025
junpuf added 3 commits November 6, 2025 19:19
@junpuf
update
211c8ca 
Signed-off-by: Junpu Fan <junpu@amazon.com>
@junpuf
fix typo
555aae0 
Signed-off-by: Junpu Fan <junpu@amazon.com>
@junpuf
update
010ea8e 
Signed-off-by: Junpu Fan <junpu@amazon.com>
@junpuf junpuf changed the title dummy change fix: separate safe permission check job and ci job Nov 7, 2025
@junpuf junpuf enabled auto-merge (squash) November 7, 2025 03:30
@junpuf junpuf merged commit 66c6091 into main Nov 7, 2025
9 checks passed
@junpuf junpuf deleted the dummy branch November 8, 2025 07:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sallyseok sallyseok sallyseok approved these changes

Assignees

No one assigned

Labels

authorized Size:XS Determines the size of the PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@junpuf @sallyseok