From 77094f8b42933edae84df2225b9bb150f33abbe2 Mon Sep 17 00:00:00 2001
From: Alejandro Alvarez <avazquez@liquibase.com>
Date: Fri, 14 Jun 2024 09:34:49 +0200
Subject: [PATCH] Dat 17763 (#132)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* 🔧 (test.yml): update workflow to trigger on pull_request_target event instead of pull_request for better control and permissions management
🔧 (test.yml): add permissions configuration for contents and pull-requests to ensure proper access rights
🔧 (test.yml): introduce an authorization step to differentiate between internal and external pull requests for enhanced security
🔧 (test.yml): adjust workflow dependencies to ensure authorization step runs before build-test job for accurate execution

* ✅ (test.yml): add dependency between jobs to ensure authorization job runs before integration test job
---
 .github/workflows/test.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index aa90dc7..0fcdcb6 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -11,7 +11,7 @@ on:
 permissions:
   contents: write
   pull-requests: write
-  
+
 jobs:
 
   authorize:
@@ -26,6 +26,7 @@ jobs:
     secrets: inherit
 
   integration-test:
+    needs: authorize
     name: Test Harness for Maxdb ${{ matrix.maxdb }}
     runs-on: ubuntu-latest