This documentation is for a Forgejo version which is no longer supported.
To read the up-to-date documentation, navigate to the latest version.
Managing dependencies between repositories
Some Forgejo repositories that depend on each other have workflows that will trigger workflows on other repositories using the cascading-pr action.
Use cases and examples
Files copied from other repositories
setup-forgejo contains a copy of the forgejo-curl script. This script does not have numbered releases and the latest version is the one in the main branch.
forgejo-curl has a workflow that will open a pull request to setup-forgejo to update the forgejo-curl.sh script it contains. The forgejo-curl workflow will wait on the setup-forgejo workflow and fail if it does not pass, thus providing additional confirmation that the change under test won’t break setup-forgejo once merged.
When the PR is merged in forgejo-curl, the corresponding PR in setup-forgejo is left open and ready to be merged with the latest version of the forgejo-curl.sh script.
Verifying an upgrade would work
setup-forgejo installs a runner by default, as specified in the action.yml file.
The runner has a workflow that will open a pull request to setup-forgejo to update the default version in the action.yml file. The runner workflow will wait on the setup-forgejo workflow and fail if it does not pass, thus providing additional confirmation that the change under test won’t break setup-forgejo when it upgrades to using a release that contains the change.
When the PR is merged in forgejo-curl, the corresponding PR in setup-forgejo is closed. It is not meant to upgrade setup-forgejo because there is not yet a tag release published with this change.
Permissions
The cascading-pr action needs a token with write permissions on issues and repositories that will allow it to fork the destination repository and create a pull request from this fork. It also needs read permission on issues and pull requests for the origin repository.
The cascading-pr user is dedicated to providing such tokens.
For instance, a personal token named
https://code.forgejo.org/forgejo/forgejo-curl/ was created by the
cascading-pr user. This token was added as two secrets named
CASCADING_PR_ORIGIN and CASCADING_PR_DESTINATION in the
https://code.forgejo.org/forgejo/forgejo-curl/ repository.
Access to secrets
The workflow that contains the cascading-pr action needs access to the
secrets of the repository and must run on.pull_request_target. For
instance:
on:
pull_request_target:
types:
- opened
- synchronize
- closed
Updating the workflow
When the cascading-pr workflow is added or updated in a repository, it
must be done in a PR from a branch of the repository and not than from
a forked repository. It runs on.pull_request_target and if run from
a fork it will use the content of the default branch instead of the
proposed change.