fix(tooling): remove caching from github pipeline#715
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 0a3886e0f8
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| steps: | ||
| - name: Checkout Project | ||
| uses: actions/checkout@v3 | ||
| uses: actions/checkout@v6 |
There was a problem hiding this comment.
Add opt-out for validated fork checkouts
This workflow deliberately permits fork PRs once the validated label is present, but the downstream jobs then check out github.event.pull_request.head.sha under pull_request_target using the floating actions/checkout@v6 tag. GitHub's June 18, 2026 checkout changelog says this exact ref will be refused for fork PRs in pull_request_target, and that the enforcement is backported to floating major tags on July 16, 2026; after that, every validated fork PR will fail at the checkout step unless you restructure the workflow or pass allow-unsafe-pr-checkout deliberately.
Useful? React with 👍 / 👎.
|
This pull request is automatically being deployed by Amplify Hosting (learn more). |
| - name: Validate Labels | ||
| run: | | ||
| HEAD_REPO=${{ github.event.pull_request.head.repo.full_name }} | ||
| BASE_REPO=${{ github.event.pull_request.base.repo.full_name }} | ||
| FROM_BASE=0; [ "$HEAD_REPO" == "$BASE_REPO" ] && FROM_BASE=1 | ||
|
|
||
| HAS_VALIDATED_LABEL=${{ contains(github.event.pull_request.labels.*.name, 'validated') }} | ||
| VALIDATED=0; [ "$HAS_VALIDATED_LABEL" == "true" ] && VALIDATED=1 | ||
|
|
||
| echo from base $FROM_BASE | ||
| echo validated $VALIDATED | ||
|
|
||
| if [[ $FROM_BASE == 1 || $VALIDATED == 1 ]] | ||
| then | ||
| echo 'pull request is validated, running tests' | ||
| exit 0 | ||
| else | ||
| echo 'pull request is not validated, exiting' | ||
| exit 1 | ||
| fi | ||
|
|
There was a problem hiding this comment.
Good catch. Did not realize that I missed it in the Widgets but had it only in the SDK
|
✅ Your changes have been merged! Thank you for your contribution! 🤖 This is an automated message. For queries, please contact support. |
COMPLETES #adhoc
This pull request addresses
The GitHub workflows needed updates after the GitHub Actions runtime changes and cache behavior changes. The previous Pull Request CI structure depended on shared install/build cache jobs, which made the pipeline more fragile for validated PR runs.
by making the following changes
validatedlabel.Change Type
The following scenarios were tested
GitHub Actions testing evidence:
Current note: the provided Deploy CD run completed with failure, and the provided Pull Request CI run was still in progress when this description was updated.
The GAI Coding Policy And Copyright Annotation Best Practices
Checklist before merging
Make sure to have followed the contributing guidelines before submitting.