I have an origin repo in GitHub and I have created a local fork that I am developing on. I have a GitHub Action that runs a Bandit security check, but when I push changes and create a Pull request from a branch in my fork, the Bandit test runs on the code that is currently in the origin repo, not on the new code in the PR.
How can I run the GitHub Action Workflow on the code that is inside the Pull Request?
FYI: here is the "on" statement currently in the yml file:
name: Security scan
on:
  push:
    branches:
      - master
  pull_request_target:
    branches: [main, dev]
[...] we’ve added a new
pull_request_targetevent, which behaves in an almost identical way to thepull_requestevent with the same set of filters and payload. However, instead of running against the workflow and code from the merge commit, the event runs against the workflow and code from the base of the pull request.
Source: https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/
You can still checkout the code from the pull request with the following step:
- uses: actions/checkout@v2
  with:
    ref: ${{github.event.pull_request.head.ref}}
    repository: ${{github.event.pull_request.head.repo.full_name}}
Source: https://github.community/t/running-code-from-forks-with-pull-request-target/126688/6
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With