Skip to content

fix(ci): skip dd-sts federation on fork PRs via ACTIONS_ID_TOKEN_REQUEST_URL guard#25399

Merged
thomasqueirozb merged 3 commits intomasterfrom
fix/ci-fork-pr-dd-token
May 8, 2026
Merged

fix(ci): skip dd-sts federation on fork PRs via ACTIONS_ID_TOKEN_REQUEST_URL guard#25399
thomasqueirozb merged 3 commits intomasterfrom
fix/ci-fork-pr-dd-token

Conversation

@thomasqueirozb
Copy link
Copy Markdown
Contributor

@thomasqueirozb thomasqueirozb commented May 8, 2026
edited
Loading

Summary

Fork PRs from external contributors cause the test / Tests job to fail at the dd-token action. GitHub sets id-token: none for fork PRs regardless of what the workflow declares, so ACTIONS_ID_TOKEN_REQUEST_URL is unset and dd-sts-action errors. The previous continue-on-error: true on the inner composite action step does not prevent the composite action itself from being marked as failed, causing all subsequent steps (setup, Run tests) to be skipped.

Fix: guard the federation step with if: ${{ env.ACTIONS_ID_TOKEN_REQUEST_URL != '' }} so it is skipped entirely on fork PRs instead of failing.

Vector configuration

NA

How did you test this PR?

Verified against the failing run:

Tested over at https://github.com/vectordotdev/ci-sandbox/pull/28

Change Type

  • Bug fix
  • New feature
  • Dependencies
  • Non-functional (chore, refactoring, docs)
  • Performance

Is this a breaking change?

  • Yes
  • No

Does this PR include user facing changes?

  • Yes. Please add a changelog fragment based on our guidelines.
  • No. A maintainer will apply the no-changelog label to this PR.

References

@thomasqueirozb thomasqueirozb added the no-changelog Changes in this PR do not need user-facing explanations in the release changelog label May 8, 2026
@github-actions github-actions Bot added the domain: ci Anything related to Vector's CI environment label May 8, 2026
@thomasqueirozb thomasqueirozb marked this pull request as ready for review May 8, 2026 17:42
@thomasqueirozb thomasqueirozb requested a review from a team as a code owner May 8, 2026 17:42
chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed May 8, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 7276601bc5

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread .github/actions/dd-token/action.yml Outdated
chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed May 8, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 0959f05b7a

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread .github/actions/dd-token/action.yml
@thomasqueirozb thomasqueirozb added this pull request to the merge queue May 8, 2026
Merged via the queue into master with commit 63b29fb May 8, 2026
85 checks passed
@thomasqueirozb thomasqueirozb deleted the fix/ci-fork-pr-dd-token branch May 8, 2026 18:51
@github-actions github-actions Bot locked and limited conversation to collaborators May 8, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

@pront pront pront approved these changes

Assignees

No one assigned

Labels

domain: ci Anything related to Vector's CI environment no-changelog Changes in this PR do not need user-facing explanations in the release changelog

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@thomasqueirozb @pront