Open zdc217 opened 4 years ago
Per github actions docs:
We recommend that you do not use self-hosted runners with public repositories.
Forks of your public repository can potentially run dangerous code on your self-hosted runner machine by creating a pull request that executes the code in a workflow.
Per @ddriddle:
I noticed that as well. I don't think it is a major issue though since public repos receive free builds, and we also want external developers to be able to use and see all the tests.
I think the plan will be to only use the PostMan integration tests as a run-once-in-awhile manual smoke test; and try to add a few extra unit tests to address any coverage gap we find.
I would also make sure we can run all tests on our laptops so we do not become overly dependent on any particular CI/CD system.
Since the test clearpass API is internal, github actions won't be able to communicate with it when running integration tests.
We could solve this by installing a self-hosted runner on a Centos 7 machine in our environment. The self-hosted runner uses an https long poll to check in with github and run actions and just needs to be able to reach out to a few github URLs.
See https://help.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners