ADR: Support more action types within a composite action#1040
ADR: Support more action types within a composite action#1040ericsciple wants to merge 3 commits intomainfrom
Conversation
| - Download all nested actions | ||
| - Decide recursion limit | ||
| - src/Runner.Worker/ActionManager.cs | ||
| - Precursor: Remove feature flag DistributedTask.NewActionMetadata |
There was a problem hiding this comment.
what does compat look like with GHES... probably fine since we don't need to be that far backward compatible.
what would compat look like for new runner releases with versions of GHES that might not support nested composite... you could unintentionally violate policy if we move the check? that might be okay-ish if we document it?
| - Testing | ||
| - Support all types of action manifests: Node.js, Dockerfile, `docker://`, composite, no manifest only Dockerfile | ||
| - Support all types of action references: `docker://`, `./`, owner/repo@ref | ||
| - Support for actions with pre-step and post-step. For pre/post, also test intra-action-state No newline at end of file |
There was a problem hiding this comment.
we should do a security review/threat model when we know the implementation details. is policy the only issue or are there other security promises we make now without nesting that we would want to be concerned about?
|
|
||
| - Launch | ||
| - New feature flag | ||
| - Move Action policy enforcement from workflow run, to resolve actions endpoint |
There was a problem hiding this comment.
"Also", not "move"
|
Is this going to be available this year ? |
See ADR: actions/runner#1040 for more information, or to know when this can be re-enabled
|
@thboop Could you explain what closing this PR means? Has the idea been dismissed, has it been implemented, new PR elsewhere? |
|
Hey @mpdude Sorry for the delay. This ADR was superseded by: https://github.com/actions/runner/blob/main/docs/adrs/1144-composite-actions.md |
No description provided.