Skip to content

fix: harden e2e-test workflow to install requirements.txt from trusted default branch instead#105

Merged
Zaperex merged 1 commit into
redhat-developer:mainfrom
Zaperex:update-pip
Jun 30, 2026
Merged

fix: harden e2e-test workflow to install requirements.txt from trusted default branch instead#105
Zaperex merged 1 commit into
redhat-developer:mainfrom
Zaperex:update-pip

Conversation

@Zaperex

@Zaperex Zaperex commented Jun 30, 2026

Copy link
Copy Markdown
Member

Description

Updates the e2e-test workflow to no longer install requirements.txt from PR branch for better security. As a tradeoff, this means PRs that update requirements.txt will need to have that merged first. Also restricts the branches where the cascaded workflows can be triggered from.

Which issue(s) does this PR fix

  • Fixes #

PR acceptance criteria

Please make sure that the following steps are complete:

  • GitHub Actions are completed and successful
  • Tests are updated and passing
  • Documentation is updated

How to test changes / Special notes to the reviewer

…d default branch instead

Signed-off-by: Frank Kong <frkong@redhat.com>
@Zaperex Zaperex merged commit e7f37f2 into redhat-developer:main Jun 30, 2026
6 checks passed
@Zaperex Zaperex deleted the update-pip branch June 30, 2026 15:35
@github-actions

Copy link
Copy Markdown
Contributor

Container Image Published

Multi-platform container images are now available.

Tag Image Platforms
pr-105 quay.io/rhdh-community/dynamic-plugins-factory:pr-105 linux/amd64, linux/arm64
pr-105-4213b50 quay.io/rhdh-community/dynamic-plugins-factory:pr-105-4213b50 linux/amd64, linux/arm64

Expires: July 14, 2026

Pull Commands

# Multi-platform (auto-selects correct architecture)
podman pull quay.io/rhdh-community/dynamic-plugins-factory:pr-105

# Or with specific commit SHA
podman pull quay.io/rhdh-community/dynamic-plugins-factory:pr-105-4213b50

Traceability

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant