Support workflow execution from forks of outside collaborators

eclipse-csi / otterdog

OtterDog is a tool to manage GitHub organizations at scale using a configuration as code approach. It is actively used by the Eclipse Foundation to manage its numerous projects hosted on GitHub.

https://otterdog.readthedocs.org

Eclipse Public License 2.0

23 stars 3 forks source link

Support workflow execution from forks of outside collaborators #214

Open netomi opened 6 months ago

netomi commented 6 months ago

Currently there is no way to specify the approval for running workflows of pull requests from outside collaborators.

There is no api available and it can only be modified via the Web UI. However, this is a setting that is security relevant and we should investigate how we can support that at least on organization level so that you could enforce that any PR from an outside collaborator needs approval before workflows are allowed to run.

mbarbero commented 6 months ago

note that there is an gh-enterprise wide settings for that