deepsola commented on PR #6004: URL: https://github.com/apache/rocketmq/pull/6004#issuecomment-1427251892
> @deepsola It seems that only one workflow for building distributed tar was added when submitting PR and no e2e test was run. According to the security issues raised in this article, https://securitylab.github.com/research/github-actions-preventing-pwn-requests/, secrets cannot be accessed in the CI execution generated by pr, while e2e The test needs to use secrets, so I use [workflow_run](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_run) to split the CI of the pull request into two parts, pr.yml and pr-e2e-test.yml, where pr-e2e-test.yml will be executed after the end of pr.yml, but only pr-e2e-test.yml will be triggered only if it exists in the default branch. Since the pr-e2e-test.yml file is not merged now, the e2e test will not be triggered in this pr, but it will be triggered in other pr after this (but still will not appear in the CI associated with pr), refer to demo: https://github.com/deepsola/start-world/pull/6, and https://github.com/deepsola/start-world/actions, the "Second" CI is triggered by the pr. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
