Change the design of this Action to target a single (using) repository #78

Open
1 task
mcdonnnj opened this issue Jan 17, 2024 · 0 comments
Labels
breaking change This issue or pull request involves changes to existing functionality github-actions Pull requests that update GitHub Actions code improvement This issue or pull request will add or improve functionality, maintainability, or ease of use python Pull requests that update Python code

Comments

@mcdonnnj
Member

💡 Summary

Currently this Action has a workflow that runs this Action against our organization on a regular basis. This is in line with the Action's current design to scan based on a provided query. This issue proposes changing the functionality of this Action to instead be used in a workflow in individual repositories that will scan on their own schedule.

Motivation and context

This change would align this project with the general way that GitHub Actions are used. It would also provide more configuration in downstream repositories and would simplify the logic of this project.

Implementation notes

Important design considerations (in my mind):

  • Use the default Actions permissions by default, but allow configuration to provide specific credentials if desired.
  • Use the calling repository by default, but allow this to be overridden with a provided value. This would allow a public repository to host a workflow that would update a private repository, which is functionality provided by the current implementation. This ties into the above point for allowing external runs to access other repositories.

Acceptance criteria

  • The project is redesigned to run as an Action called from a workflow in individual repositories.
@mcdonnnj mcdonnnj added breaking change This issue or pull request involves changes to existing functionality improvement This issue or pull request will add or improve functionality, maintainability, or ease of use github-actions Pull requests that update GitHub Actions code python Pull requests that update Python code labels Jan 17, 2024