potiuk commented on PR #37057: URL: https://github.com/apache/airflow/pull/37057#issuecomment-1913692464
All right I did some testing and applied a few smal fixes (optimiized away the checkout for target-branch for commiter build as it turned out to be not needed For anyone looking here (and I would love at least 2 reviews) for security reasons. I've run some simulated builds from my higrys -> potiuk PRs after pushing the branch to main: ## Here is an example of committer-originated build: * Selective check https://github.com/potiuk/airflow/actions/runs/7687733181/job/20948113127?pr=287#step:9:88 * Image build (skips the script/dev/action replace) https://github.com/potiuk/airflow/actions/runs/7687733181/job/20948122563?pr=287 ## Example where non-committer is the actor in PR * Selective check: https://github.com/potiuk/airflow/actions/runs/7687718985/job/20948083436?pr=289#step:9:87 * Image build (scripts/dev/actions) are replaced with the target ones: https://github.com/potiuk/airflow/actions/runs/7687718985/job/20948089594?pr=289#step:5:1 The builds here (you can see different actors): <img width="577" alt="Screenshot 2024-01-28 at 20 03 26" src="https://github.com/apache/airflow/assets/595491/bb6ff88c-9a13-4437-b6a3-ecfd6cc15844";> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
