diff --git a/.github/workflows/gpu-tests.yml b/.github/workflows/gpu-tests.yml index 85c0d740..9b6e3c3d 100644 --- a/.github/workflows/gpu-tests.yml +++ b/.github/workflows/gpu-tests.yml @@ -9,7 +9,7 @@ on: - 'pyproject.toml' - 'pixi.lock' - '.github/workflows/gpu-tests.yml' - pull_request: + pull_request_target: branches: [main] paths: - 'src/**' @@ -20,7 +20,7 @@ on: workflow_dispatch: concurrency: - group: gpu-tests-${{ github.ref }} + group: gpu-tests-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true jobs: @@ -40,6 +40,14 @@ jobs: steps: - name: Checkout code uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + with: + # pull_request_target checks out the base branch by default. We need + # the PR head to actually test PR code. This runs untrusted code on + # gpu-1, mitigated by: environment approval gate (gpu-testing), + # read-only token (contents: read), and reviewer sign-off before any + # steps execute. Reviewers: validate security-sensitive changes before + # approving. + ref: ${{ github.event.pull_request.head.sha || github.sha }} - name: Install pixi uses: prefix-dev/setup-pixi@19eac09b398e3d0c747adc7921926a6d802df4da # v0.8.8