Update ci.yml (#15)

libpasta · Jan 26, 2021 · 1a1df39 · 1a1df39
1 parent 3921c89
commit 1a1df39
Showing 1 changed file with 1 addition and 65 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -2,33 +2,14 @@ name: Rust CI checks
 on:
  push:
  branches: ["main"]
- pull_request_target:
+ pull_request:
 
 jobs:
  lint:
  name: Run lint checks
  runs-on: ubuntu-latest
  steps:
  - uses: actions/checkout@v2
- with:
- # This prevents the Action from persisting the credentials it uses to
- # perform the fetch/checkout to the Runner's local Git config. On
- # `pull_request_target` events, the GITHUB_TOKEN provided to the
- # Runner has Write permissions to the base repository. We do **not**
- # want to allow untrusted code from forks to execute arbitrary Git
- # commands with those elevated permissions.
- #
- # More info:
- # https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/#improvements-for-public-repository-forks
- persist-credentials: false
- # Explicitly setting the `repository` and `ref` inputs ensures that
- # `pull_request_target` events trigger CI runs against the code from
- # the HEAD branch. By default, this Action checks out code from the
- # BASE branch. On `push` events, the `github.event.pull_request` path
- # will yield a null value, and passing nulls to these inputs causes
- # them to fall back to the defaults
- repository: ${{ github.event.pull_request.head.repo.full_name }}
- ref: ${{ github.event.pull_request.head.sha }}
  - name: Install Rust stable toolchain
  uses: actions-rs/toolchain@v1
  with:
@@ -42,43 +23,17 @@ jobs:
  command: fmt
  args: --all -- --check
  - name: Check clippy
- if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
  uses: actions-rs/clippy-check@v1
  with:
  token: ${{ secrets.GITHUB_TOKEN }}
  args: --all-targets -- -D warnings
- - name: Check clippy
- if: ${{ github.event_name != 'push' || github.ref != 'refs/heads/main' }}
- uses: actions-rs/clippy-check@v1
- with:
- token: 0000000000000000000000000000000000000000
- args: --all-targets -- -D warnings
 
 
  test:
  name: Run tests
  runs-on: ubuntu-latest
  steps:
  - uses: actions/checkout@v2
- with:
- # This prevents the Action from persisting the credentials it uses to
- # perform the fetch/checkout to the Runner's local Git config. On
- # `pull_request_target` events, the GITHUB_TOKEN provided to the
- # Runner has Write permissions to the base repository. We do **not**
- # want to allow untrusted code from forks to execute arbitrary Git
- # commands with those elevated permissions.
- #
- # More info:
- # https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/#improvements-for-public-repository-forks
- persist-credentials: false
- # Explicitly setting the `repository` and `ref` inputs ensures that
- # `pull_request_target` events trigger CI runs against the code from
- # the HEAD branch. By default, this Action checks out code from the
- # BASE branch. On `push` events, the `github.event.pull_request` path
- # will yield a null value, and passing nulls to these inputs causes
- # them to fall back to the defaults
- repository: ${{ github.event.pull_request.head.repo.full_name }}
- ref: ${{ github.event.pull_request.head.sha }}
  - uses: actions/cache@v2
  with:
  path: |
@@ -99,25 +54,6 @@ jobs:
  runs-on: ubuntu-latest
  steps:
  - uses: actions/checkout@v2
- with:
- # This prevents the Action from persisting the credentials it uses to
- # perform the fetch/checkout to the Runner's local Git config. On
- # `pull_request_target` events, the GITHUB_TOKEN provided to the
- # Runner has Write permissions to the base repository. We do **not**
- # want to allow untrusted code from forks to execute arbitrary Git
- # commands with those elevated permissions.
- #
- # More info:
- # https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/#improvements-for-public-repository-forks
- persist-credentials: false
- # Explicitly setting the `repository` and `ref` inputs ensures that
- # `pull_request_target` events trigger CI runs against the code from
- # the HEAD branch. By default, this Action checks out code from the
- # BASE branch. On `push` events, the `github.event.pull_request` path
- # will yield a null value, and passing nulls to these inputs causes
- # them to fall back to the defaults
- repository: ${{ github.event.pull_request.head.repo.full_name }}
- ref: ${{ github.event.pull_request.head.sha }}
  - uses: actions/cache@v2
  with:
  path: |