to give more precisions, here is my use case: I have a github public repo with a big number of branches (no code similitude between these branches).
I receive many pull requests on these many branches, and a change in the
.drone.yml in one of those PR could very well go unnoticed.
The problem is that the last step of the
.drone.yml pipeline is a deployment step, that SSH into a prod server to run a service.
A PR could modify the deployment step and if inadvertently merged, do bad things…
That’s why I’d like to have only one version of the
.drone.yml file (in the master branch for example).
Is that possible ? Or do you see any other way to let public user merged PR trigger a server deployment step in a secure manner ?
Many thank for your insights!