-
Notifications
You must be signed in to change notification settings - Fork 2.3k
77 lines (68 loc) · 2.73 KB
/
docs.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
name: Documentation Preview
on:
pull_request:
# allow repository maintainers to modify and test workflow
paths:
- ".github/workflows/docs.yaml"
pull_request_target: # zizmor: ignore[dangerous-triggers]
# enable runs for this workflow when labeled as documentation only
# prevent execution when the workflow itself is modified from a fork
types:
- labeled
- synchronize
paths:
- "docs/**"
jobs:
deploy:
name: Build & Deploy
runs-on: ubuntu-latest
if: >
(github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'impact/docs'))
|| (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository)
permissions:
contents: read
pull-requests: write
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
repository: python-poetry/website
# use .github from pull request target instead of pull_request.head
# for pull_request_target trigger to avoid arbitrary code execution
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
path: poetry-github
sparse-checkout: .github
# only checkout docs from pull_request.head to not use something else by accident
# for pull_request_target trigger (security)
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
path: poetry-docs
ref: ${{ github.event.pull_request.head.sha }}
sparse-checkout: docs
- uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version: "18"
- uses: ./poetry-github/.github/actions/bootstrap-poetry
- uses: ./poetry-github/.github/actions/poetry-install
with:
args: --no-root --only main
- name: website-build
run: |
# Rebuild the docs files from the PR checkout.
poetry run python bin/website build --local ./poetry-docs
# Build website assets (CSS/JS).
npm ci && npm run prod
# Build the static website.
npx hugo --minify --logLevel info
- uses: amondnet/vercel-action@16e87c0a08142b0d0d33b76aeaf20823c381b9b9 # v25.2.0
with:
vercel-token: ${{ secrets.VERCEL_TOKEN }}
github-token: ${{ secrets.GITHUB_TOKEN }}
vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}
vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }}
scope: python-poetry
github-comment: true
working-directory: public