Skip to main content

Approving workflow runs from private forks

When someone without write access submits a pull request to a private repository, a maintainer may need to approve any workflow runs.

Who can use this feature

Maintainers with write access to a repository can approve workflow runs.

About workflow runs from private forks

If you rely on using forks of your private repositories, you can configure policies that control how users can run workflows on pull_request events. Available to private repositories only, you can configure these policy settings for organizations, or repositories. For more information, see "Enforcing a policy for fork pull requests in private repositories."

Approving workflow runs on a pull request from a private fork

Maintainers with write access to a repository can use the following procedure to review and run workflows on pull requests from contributors that require approval.

  1. Under your repository name, click Pull requests.

    Issues and pull requests tab selection

  2. In the list of pull requests, click the pull request you'd like to review.

  3. On the pull request, click Files changed. Pull Request Files changed tab

  4. Inspect the proposed changes in the pull request and ensure that you are comfortable running your workflows on the pull request branch. You should be especially alert to any proposed changes in the .github/workflows/ directory that affect workflow files.

  5. If you are comfortable with running workflows on the pull request branch, return to the Conversation tab, and under "Workflow(s) awaiting approval", click Approve and run.

    Approve and run workflows