Pull requests testing
In Buddy, you can test and deploy pull requests using pipelines. Every time a pull request is created and/or a push is made to the corresponding branch, Buddy will automatically run the defined pipeline and send its execution status to GitHub.
Forks and branches
You can create pull requests within the same repository or a forked repository. If you run all pull requests within one repository and you don't work on a fork model, then it's enough to create a pipeline with *
wildcard to test your pull requests. The pipeline will be run after every push to any branch in your repository. Thanks to that, each commit will be tested straight away and when you open a pull request, it will be marked with a status depending on the tests' result.
For security reasons, support for pull requests originating from forks is disabled by default.
To enable it:
- Go to Project Settings in the left column.
- Scroll down to the Pull requests section.
- Click the Enable pull requests switch to activate the feature:
Forked pull requests
Once you switch this option on, you'll be able to select Pull requests by wildcard as the ref in the pipeline settings:
Adding a new pipeline
If you enabled the PR support, make sure to use the refs/pull/*
wildcard instead of a single *
with the Pull requests by wildcard option. Using the *
wildcard causes the pipeline to run twice for all PRs that from within the same repository. The pipeline will run triggered by the commit pushed to the branch and then because a new commit is detected in the PR even though this is a single event.
Actions
Now we can add a testing action and a notification that will let us know in case something goes wrong:
Pipeline example
Security
Remember that everyone can fork a public repository and create pull requests to that repo. If your repository is public, you should take special precautions towards securing the data defined in the environment variables. In a fork of your repo, a malicious actor can write a script that exposes your variables, and execute it remotely with a pipeline that runs automatically on PRs.
See also
Last modified on September 8, 2022