Skip to content

Fix preview workflow for forks #144

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Devasy merged 1 commit into from
Aug 14, 2025
Merged

Fix preview workflow for forks #144

Devasy merged 1 commit into from
Aug 14, 2025

Conversation

@google-labs-jules
Copy link
Contributor

@google-labs-jules google-labs-jules bot commented Aug 14, 2025

This change fixes the preview.yml workflow to allow it to run on pull requests from forked repositories, while also adding a security measure to require maintainer approval before running the workflow.

@google-labs-jules
I've fixed the preview workflow for forks and added some security enh…
4653d8a 
…ancements.

I saw that the `preview.yml` workflow was failing for pull requests from forked repositories because it could not access the `EXPO_TOKEN` secret.

To fix this, I made the following changes:
1. I changed the workflow trigger from `pull_request` to `pull_request_target`. This allows the workflow to access secrets on pull requests from forks.
2. I added a security measure to prevent the workflow from running automatically on forked PRs. The workflow will now only run if the pull request has the label 'run-preview'. This allows a maintainer to review the code before triggering the preview build.
3. I'm now explicitly checking out the head of the pull request to ensure the preview is generated for the code in the PR.
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Aug 14, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Join our Discord community for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

  • Visit our Status Page to check the current availability of CodeRabbit.
  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@Devasy Devasy marked this pull request as ready for review August 14, 2025 14:13
@Devasy Devasy self-requested a review as a code owner August 14, 2025 14:13
@codecov
Copy link

codecov bot commented Aug 14, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 72.79%. Comparing base (2253c5e) to head (4653d8a).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #144   +/-   ##
=======================================
  Coverage   72.79%   72.79%           
=======================================
  Files          17       17           
  Lines        1669     1669           
  Branches      154      154           
=======================================
  Hits         1215     1215           
  Misses        400      400           
  Partials       54       54
Components Coverage Δ
Authentication System 75.45% <ø> (ø)
Expense Management 69.88% <ø> (ø)
Group Management 69.49% <ø> (ø)
User Management 97.16% <ø> (ø)
Backend Core 69.41% <ø> (ø)
🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@Devasy Devasy merged commit 2aacca8 into main Aug 14, 2025
30 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Devasy Devasy Devasy approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Devasy