Skip to content

docs: add fork support documentation for PR review workflow #268

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 14, 2025
Merged

docs: add fork support documentation for PR review workflow #268

merged 1 commit into from
Sep 14, 2025

Conversation

jerop
Copy link
Contributor

@jerop jerop commented Sep 10, 2025

  • Add comprehensive section on extending PR review workflow to support forks
  • Document simple fork support approach using contributor's own Google auth
  • Explain GitHub Actions security model for fork-based PRs
  • Provide implementation approaches from simple to advanced
  • Include security best practices and resources for pull_request_target
  • Reference centralized authentication documentation
  • Reorganize content with clear implementation approaches

Fixes #191

@jerop jerop requested review from a team as code owners September 10, 2025 19:19
@gemini-cli gemini-cli
Copy link

gemini-cli bot commented Sep 10, 2025

🤖 Hi @jerop, I've received your request, and I'm working on it now! You can track my progress in the logs for more details.

@jerop jerop enabled auto-merge (squash) September 10, 2025 19:22
gemini-cli[bot]
gemini-cli bot reviewed Sep 10, 2025
View reviewed changes
Copy link

@gemini-cli gemini-cli bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📋 Review Summary

This pull request adds excellent documentation on how to extend the PR review workflow to support forks. The new section is well-written, comprehensive, and provides clear implementation approaches.

🔍 General Feedback

  • The documentation is clear and easy to understand.
  • The inclusion of security best practices and resources is a great addition.
  • The different implementation approaches are well-explained, allowing users to choose the best option for their needs.

@jerop jerop force-pushed the docs/fork-support branch 2 times, most recently from 0e04978 to 399d3d5 Compare September 10, 2025 20:33
leehagoodjames
leehagoodjames reviewed Sep 11, 2025
View reviewed changes
Copy link
Contributor

@leehagoodjames leehagoodjames left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi Jerop,

I think this currently reads as an authoritative stance on workflow triggers and GitHub credential access policies. I think it may be more concise, and more inutitive, to instead explain our opinionated approach (explaining our "why" for not running on branches from forks), and then point the user to the docs if they want to deviate from that.

This summary would contain less breadth - while still covering the exact reasoning behind our decision - which some users may share

@jerop
docs: add fork support documentation for PR review workflow
fcf2539 
- Add comprehensive section on extending PR review workflow to support forks
- Document simple fork support approach using contributor's own Google auth
- Explain GitHub Actions security model for fork-based PRs
- Provide implementation approaches from simple to advanced
- Include security best practices and resources for pull_request_target
- Reference centralized authentication documentation
- Reorganize content with clear implementation approaches
@jerop jerop merged commit 11742af into main Sep 14, 2025
9 checks passed
@jerop jerop deleted the docs/fork-support branch September 14, 2025 16:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gemini-cli gemini-cli[bot] gemini-cli[bot] left review comments

@leehagoodjames leehagoodjames leehagoodjames approved these changes

@verbanicm verbanicm Awaiting requested review from verbanicm verbanicm is a code owner automatically assigned from google-github-actions/maintainers

@adamfweidman adamfweidman Awaiting requested review from adamfweidman adamfweidman is a code owner automatically assigned from google-github-actions/run-gemini-cli-maintainers

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support review of pull requests created from forks
2 participants
@jerop @leehagoodjames