You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: .github/workflows/testAll_Continuous_Integration.md
+9-2Lines changed: 9 additions & 2 deletions
Original file line number
Diff line number
Diff line change
@@ -11,6 +11,12 @@ This design ensures security while allowing test reports to be posted on pull re
11
11
12
12
---
13
13
14
+
## ⚠️ Important Note
15
+
16
+
These workflows should be implemented on the **default branch** of the repository (either `master` or `main` in newer repositories) to ensure proper execution and integration. Running workflows on other branches may lead to unexpected behavior, security issues, or failure to post comments on pull requests.
17
+
18
+
---
19
+
14
20
## 🔐 Handling Forked Repositories: Why Two Workflows?
15
21
16
22
When a pull request originates from a fork, the `pull_request` event runs in the context of the fork, meaning it does not have permission to write to the base repository. This prevents the workflow from posting comments on the pull request.
@@ -64,6 +70,8 @@ This workflow is triggered when a pull request is opened, synchronized, or reope
64
70
```
65
71
66
72
- **Save PR Number and Upload as an Artifact**:
73
+
To ensure that `testAllCI_step2` can correctly comment on the corresponding pull request, we save the PR number as an artifact in `testAllCI_step1`. Since `testAllCI_step2` is triggered by `testAllCI_step1` using `workflow_run`, it does not have direct access to the PR metadata. Uploading the PR number as an artifact allows `testAllCI_step2` to retrieve and use it for posting test results in the correct pull request.
74
+
67
75
68
76
```yaml
69
77
- name: Save PR Number
@@ -89,7 +97,7 @@ Since this workflow only requires read permissions, it avoids potential security
89
97
This workflow is triggered when `testAllCI_step1` completes successfully. It follows these steps:
90
98
91
99
- **Download Test Report Artifact**:
92
-
100
+
Since GitHub Actions does not allow direct artifact downloads across workflows using `actions/download-artifact`, we use `dawidd6/action-download-artifact@v8` instead. This repository enables downloading artifacts from a previous workflow run by specifying the `run_id`, which is essential when handling artifacts between separate workflows. It follows these steps:
93
101
```yaml
94
102
- name: Download CTRF Artifact
95
103
uses: dawidd6/action-download-artifact@v8
@@ -147,4 +155,3 @@ By structuring the workflows this way, we achieve the following:
147
155
- **Seamless commenting** on pull requests with test results while mitigating security risks.
148
156
149
157
This approach balances **security** and **functionality**, making it a robust solution for continuous integration in repositories that accept contributions from forks. 🚀
0 commit comments