Closed mercuriete closed 3 years ago
when this plugin is triggered with the following yaml:
name: auto-merge on: pull_request_target: jobs: auto-merge: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - uses: ahmadnassri/action-dependabot-auto-merge@v2.3 with: github-token: ${{ secrets.token }} target: minor
it shows the following output:
Error: action triggered outside of a pull_request
Please give support for pull_request_target.
Motivation: actions triggered from a dependabot PR are not using secrets unless you change pull_request to pull_request_target https://github.blog/changelog/2021-02-19-github-actions-workflows-triggered-by-dependabot-prs-will-run-with-read-only-permissions/
(this only work for GITHUB_TOKEN and not for personal access token)
closed in https://github.com/ahmadnassri/action-dependabot-auto-merge/commit/2aef6bbf0c786ba7411c31913536c255f97d9323
ahmadnassri
commented
3 years ago ahmadnassri
commented
3 years ago
when this plugin is triggered with the following yaml:
it shows the following output:
Please give support for pull_request_target.
Motivation: actions triggered from a dependabot PR are not using secrets unless you change pull_request to pull_request_target https://github.blog/changelog/2021-02-19-github-actions-workflows-triggered-by-dependabot-prs-will-run-with-read-only-permissions/
(this only work for GITHUB_TOKEN and not for personal access token)