Closed njmei closed 3 months ago
@kaizhang It would probably also be a good idea to prevent external PR requests to accidentally trigger your github actions workflows. It will use up your github actions credits and malicious actors could submit bogus PRs that could hijack the github actions runners to do unsavory things.
I think you can do this by following this guide: https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#controlling-changes-from-forks-to-workflows-in-public-repositories
Require approval for all outside collaborators.
is probably the safest option.
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 98.23%. Comparing base (
b785494
) to head (e2bf521
).
:exclamation: Your organization needs to install the Codecov GitHub app to enable full functionality.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
It turns out tests were failing because the github
actions/checkout
plugin by default does not download git LFS files. This was causing later tests to fail because they were expecting full test files instead of git LFS pointers.This commit also restores the matrixed snap-atac-flavor options. Each run of the updated workflow will release
default
as well as arecommend-interactive
snapatac2 docker image.Note: tests in this PR are probably failing because it is still pointing at:
kaizhang/SnapATAC2/.github/workflows/docker.yml@main
https://github.com/kaizhang/SnapATAC2/blob/b7854948133e7a1a59badcf53432fc57ef236f98/.github/workflows/test_python.yml#L47-L50
Validation: On my fork, the
Test Docker Image
portion passes. Note that the login step fails (because I didn't set up docker credentials on my fork): https://github.com/njmei/SnapATAC2/actions/runs/8503169951/job/23288304288