On Wed, Sep 6, 2023 at 11:31 PM PJ Fanning <[email protected]> wrote: > Scala Steward creates PRs in our repos so the GitHub Actions CI that > we have set up in our repos will run as normal on those PRs. These PR > CI runs will have full access to our repo secrets. It could be that > someone in the Apache GitHub org will need to press a button on the PR > to allow it to run the CI - I've seen this when PRs originate from > users who are not part of the Apache GitHub org.
Approval, probably yes, and we can see that as a feature. Secrets should not be accessible but that is not a problem as PR validation should not need secrets. So, I don't see any reason to use our own instance for now. Incidentally, to make the updates less frequent I used to set a schedule to when those Scala steward are proposed, e.g. only once a week on Tuesday mornings, so that it is easier for maintainers to expect those updates and deal with them in a batch. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
