alaahong commented on PR #664: URL: https://github.com/apache/fesod/pull/664#issuecomment-3473172507
> > This pull request updates several GitHub Actions workflow files to restrict when certain jobs run, ensuring that scheduled or sensitive jobs only execute for the `apache/fesod` repository. This helps prevent unnecessary or unintended workflow runs on forks or other repositories. > > Workflow job execution restrictions: > > > > * Added conditional execution to the `codeql` job in `.github/workflows/codeql-scan.yml`, so it only runs on schedule for the main repository or always for other event types. > > * Added conditional execution to the `fuzz` job in `.github/workflows/fuzz-tests.yml`, mirroring the logic used for the CodeQL job. > > * Added conditional execution to the `nightly-test` job in `.github/workflows/nightly.yml`, restricting scheduled runs to the main repository. > > > > Repository-specific deployment and release: > > > > * Restricted the `deploy` job in `.github/workflows/deploy-docs.yml` to only run for the `apache/fesod` repository. > > * Restricted the `publish` job in `.github/workflows/release.yml` to only run for the `apache/fesod` repository. > > @alaahong Can you read the description of pr carefully, I think it detailed the reason and effects.Thank you~ As I mentioned, ``` Seems all schedule checking are not required. And meanwhile all changes in manual action are not required. Please limited the repository condition only on schedule action. ``` 1. All your changed action with schedule checking are related to quality and no any additional token or cost, seems no mandatory reason to limited; 2. for your limited action on deploy-docs and release, as they won't have the actual secret, seems no impact if not restrict 3. this mean encourage to only keep the "github.repository == 'apache/fesod'" checking on codeql-scan, fuzz-tests and nightly even I think it's also not a mandatory changes as contributor have the possible to be alert by default quality validation in fork repo by default. Please correct me if any out of your proposal, but quote again do not make the thing clearly~ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
