You are viewing a plain text version of this content. The canonical link for it is here.
Posted to github@arrow.apache.org by GitBox <gi...@apache.org> on 2020/04/24 00:00:36 UTC
[GitHub] [arrow] nealrichardson opened a new pull request #7028: ARROW-8575: [Developer] Add issue_comment workflow to rebase a PR
nealrichardson opened a new pull request #7028:
URL: https://github.com/apache/arrow/pull/7028
Instead of adding a PR comment of "This needs rebase" and wait for the author to get around to it, with this workflow you can just type "rebase" and GHA will do it for you. If it rebases cleanly, the workflow force pushes; see [this demonstration](https://github.com/nealrichardson/arrow/runs/613698512?check_suite_focus=true#step:5:6) on my fork. If there are merge conflicts, well, the PR will probably tell you so you know not to try to auto-rebase, but if you do run this workflow and rebase is not clean, it exits with an error and does not push anything (see [this example](https://github.com/nealrichardson/arrow/runs/613691328?check_suite_focus=true)).
Relatedly, see https://github.com/r-lib/actions/pull/90 where I add the ability to add args to `git push` in the action. This workflows is currently set to run using my fork, which is fine. If that PR is merged before this one is, we can switch back to using upstream; otherwise, I'll switch in ARROW-8489.
Recall that you can't test issue_comment workflow changes on PRs themselves because issue_comment workflows always run off of master, so if you make a "rebase" comment on this PR, it won't do anything.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [arrow] github-actions[bot] commented on pull request #7028: ARROW-8575: [Developer] Add issue_comment workflow to rebase a PR
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on pull request #7028:
URL: https://github.com/apache/arrow/pull/7028#issuecomment-618731413
https://issues.apache.org/jira/browse/ARROW-8575
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [arrow] nealrichardson commented on pull request #7028: ARROW-8575: [Developer] Add issue_comment workflow to rebase a PR
Posted by GitBox <gi...@apache.org>.
nealrichardson commented on pull request #7028:
URL: https://github.com/apache/arrow/pull/7028#issuecomment-619074972
I'm not worried about security risks in this particular case. If someone random person wants to rebase my PR on apache/arrow@master, great! Now I don't have to! While I see how other workflows that push might be vulnerable, this workflow is not open-ended, does not take any arguments, and it only pushes on success, so I don't understand how it could be exploited. Am I missing something?
Involving Python here sounds like overkill.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [arrow] kszucs edited a comment on pull request #7028: ARROW-8575: [Developer] Add issue_comment workflow to rebase a PR
Posted by GitBox <gi...@apache.org>.
kszucs edited a comment on pull request #7028:
URL: https://github.com/apache/arrow/pull/7028#issuecomment-618944665
There is another security constraint about this approach: anyone can trigger a rebase on the PR not just the participants / committers. To resolve that you need to check `author_association` in the event payload, see the python bot's implementation [here](https://github.com/apache/arrow/blob/master/dev/archery/archery/bot.py#L179).
We could implement a feature to the python bot to trigger bash scripts to make the contributing to the comment bot easier while reusing the existing comment handling and responding mechanism.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [arrow] kszucs commented on pull request #7028: ARROW-8575: [Developer] Add issue_comment workflow to rebase a PR
Posted by GitBox <gi...@apache.org>.
kszucs commented on pull request #7028:
URL: https://github.com/apache/arrow/pull/7028#issuecomment-618944665
There is another security constraint about this approach: anyone can trigger a rebase on the PR not just the participants. To resolve that you need to check `author_association` in the event payload, see the python bot's implementation [here](https://github.com/apache/arrow/blob/master/dev/archery/archery/bot.py#L179).
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [arrow] kszucs edited a comment on pull request #7028: ARROW-8575: [Developer] Add issue_comment workflow to rebase a PR
Posted by GitBox <gi...@apache.org>.
kszucs edited a comment on pull request #7028:
URL: https://github.com/apache/arrow/pull/7028#issuecomment-618944665
There is another security constraint about this approach: anyone can trigger a rebase on the PR not just the participants / committers. To resolve that you need to check `author_association` in the event payload, see the python bot's implementation [here](https://github.com/apache/arrow/blob/master/dev/archery/archery/bot.py#L179).
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org