-
Notifications
You must be signed in to change notification settings - Fork 15
FAQ
There are a few aspects to that question:
-
The PullPreview action itself is fully open-source. Which means you can audit the source code to make sure we're not shipping your AWS credentials or your code somewhere.
-
GitHub actions don't run for pull requests originating from forked repositories (source). This means your AWS credentials can't be read by an external contributor committing a specifically-crafted workflow file.
-
We recommend that you configure an AWS User for PullPreview as per the Recommended AWS Configuration setup.
If it looks simple, then it's good. However, you can have a look at the code yourself and see that there is a fair amount of complexities to orchestrate to get to the point where you have a server running the latest version of the code at all times. You are free to use another solution or code your own, but I'm not ashamed of asking money for what I think is a valuable and non-trivial tool.