Skip to content

chore: update github actions #361

chore: update github actions

chore: update github actions #361

Workflow file for this run

name: Documentation Preview
on:
pull_request:
# allow repository maintainers to modify and test workflow
paths:
- ".github/workflows/docs.yaml"
pull_request_target: # zizmor: ignore[dangerous-triggers]
# enable runs for this workflow when labeled as documentation only
# prevent execution when the workflow itself is modified from a fork
types:
- labeled
- synchronize
paths:
- "docs/**"
jobs:
deploy:
name: Build & Deploy
runs-on: ubuntu-latest
if: >
(github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'impact/docs'))
|| (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository)
permissions:
contents: read
pull-requests: write
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
repository: python-poetry/website
# use .github from pull request target instead of pull_request.head
# for pull_request_target trigger to avoid arbitrary code execution
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
path: poetry-github
sparse-checkout: .github
# only checkout docs from pull_request.head to not use something else by accident
# for pull_request_target trigger (security)
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
path: poetry-docs
ref: ${{ github.event.pull_request.head.sha }}
sparse-checkout: docs
- uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version: "18"
- uses: ./poetry-github/.github/actions/bootstrap-poetry
- uses: ./poetry-github/.github/actions/poetry-install
with:
args: --no-root --only main
- name: website-build
run: |
# Rebuild the docs files from the PR checkout.
poetry run python bin/website build --local ./poetry-docs
# Build website assets (CSS/JS).
npm ci && npm run prod
# Build the static website.
npx hugo --minify --logLevel info
- uses: amondnet/vercel-action@16e87c0a08142b0d0d33b76aeaf20823c381b9b9 # v25.2.0
with:
vercel-token: ${{ secrets.VERCEL_TOKEN }}
github-token: ${{ secrets.GITHUB_TOKEN }}
vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}
vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }}
scope: python-poetry
github-comment: true
working-directory: public