Update the configuration of the blacken.yml workflow
#137
Conversation
Provide a PAT when checking out the repository in the `blacken.yml` workflow. This will allow a commit pushed by this workflow to trigger other workflows in the repository.
mcdonnnj
added
the
improvement
github-actions
bot
added
github-actions
There was a problem hiding this comment.
Pull request overview
Updates the repository’s auto-format (“blacken”) GitHub Actions workflow so that commits pushed by the formatter can trigger other workflows (by using a PAT for checkout/push authentication).
Changes:
- Configure
actions/checkoutinblacken.ymlto use a PAT secret. - Minor formatting-only adjustment in
cyhy/core/common.py(export list formatting).
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
cyhy/core/common.py |
Formatting-only change in __all__ exports list. |
.github/workflows/blacken.yml |
Uses a PAT for checkout to allow auto-format pushes to trigger subsequent workflows. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
I plan on rebasing to remove any test commits I used to verify expected behavior before merging the PR. |
mcdonnnj
changed the title
blacken.yml workflow
In forks the secret will not be available so we should fall back on `github.token`. This will allow the workflow to run cleanly even if the pushed commit does not trigger other workflows. Co-authored-by: Copilot <[email protected]>
Adjust the trigger configuration to only run on pull requests that modify Python files.
mcdonnnj
force-pushed
the
improvement/adjust_blacken_workflow
branch
from
0a5613a to
aa417a9
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| pull_request: | ||
| paths: | ||
| - '**.py' |
There was a problem hiding this comment.
on.pull_request.paths filters out PRs that only modify this workflow file, so changes to blacken.yml won’t exercise the workflow in CI. Consider including .github/workflows/blacken.yml (and possibly other formatting-related config files, if any) in the paths list so workflow changes still get validated.
There was a problem hiding this comment.
I'm fine either way on this one.
There was a problem hiding this comment.
After talking with @mcdonnnj, I agree with Copilot that it makes sense to include the workflow file here so it will be executed and we can verify that that changes to the workflow didn't break it.
| with: | ||
| # Needed by stefanzweifel/git-auto-commit-action to support the pull_request | ||
| # trigger. | ||
| ref: ${{ github.head_ref }} | ||
| token: ${{ secrets.GHA_AUTO_COMMIT_TOKEN || github.token }} |
There was a problem hiding this comment.
With ref: ${{ github.head_ref }} and no repository: specified, actions/checkout will fail on PRs from forks because the head branch doesn’t exist in the base repo. If the goal is for the workflow to run on forked PRs (even if it can’t push), update checkout to use the PR head repo/SHA for forks and/or skip the auto-commit step when github.event.pull_request.head.repo.full_name != github.repository.
Using the stefanzweifel/git-auto-commit-action action in workflow runs for pull requests from a fork is too much effort for something we will be unlikely to need. Co-authored-by: Copilot <[email protected]>
dav3r
left a comment
dav3r
left a comment
There was a problem hiding this comment.
LGTM, aside from the Copilot suggestion in https://github.com/cisagov/cyhy-core/pull/137/changes#r2795391409.
3 participants
🗣 Description
This pull request updates the
blacken.ymlworkflow to use a PAT when checking out the repository and to only run when Python files have changed.💭 Motivation and context
This PAT will allow a commit pushed up after auto-formatting to trigger other workflows in the repository. This will ensure that checks are run in pull requests. Only running if Python files have changed just makes sense since the workflow is to auto-format Python code.
🧪 Testing
👀 I also pushed some test commits and verified functionality (they have since been rebased out).
✅ Pre-approval checklist