Fix simplecov action read-only permission issue
RajeshPaul38 opened this issue · 4 comments
As of now simplecov action is failing for any pull request being raised from a forked repository. So we need to add a github token to resolve the permission issue.
The resolution to this issue is that, PR needs to be raised from the repository itself. Otherwise we need to do so many settings which might not even be secure i.e. giving write access to repo for actions on PRs even from forked repositories. So the most frugal solution is to use chef/supermarket repository itself.
Before simplecov github action integration we didn't need any github action to have write permission which is needed by simplecov. There are many other actions that need write access. So we need to balance between security and flexibility going forward.
Sharing a few links which might come handy when resolving it for good:
This couldn't be fixed. Closing for now and we have disabled the simplecov action.