From 912f9b4633513d62b1563ec77c25bd1ef9a870ce Mon Sep 17 00:00:00 2001
From: Thomas Bouffard <27200110+tbouffard@users.noreply.github.com>
Date: Thu, 18 Apr 2024 13:20:44 +0200
Subject: [PATCH] ci: make workflows better work for PR created from forked
 repo (#54)

"contribution checks"
The workflow now runs on `pull_request_target` events.
There are no security issues here. Checks are made only on the updated
PR file without doing any tool installation, cache update or branch
check. Only the GitHub API is used.
Using this event allows you to create a PR comment when the PR is
created from a forked repository.

"build preview" and "references validation" workflows.
The content of the branch of the fork is now correctly used. Previously,
the branch of the fork wasn't found by Antora, so the content of the
generated site was empty.

### Notes

Covers
https://github.com/bonitasoft/bonita-documentation-site/issues/402
Covers
https://github.com/bonitasoft/bonita-documentation-site/issues/685
---
 .github/workflows/build-pr-preview.yml    | 12 ++----------
 .github/workflows/contribution-checks.yml |  4 ++--
 2 files changed, 4 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/build-pr-preview.yml b/.github/workflows/build-pr-preview.yml
index 4d331bd..7e3c1f7 100644
--- a/.github/workflows/build-pr-preview.yml
+++ b/.github/workflows/build-pr-preview.yml
@@ -3,23 +3,15 @@ name: Build PR preview
 on:
   pull_request:
     paths:
-      - 'modules/ROOT/**'
+      - 'modules/**'
       - 'antora.yml'
       - '.github/workflows/build-pr-preview.yml'
 jobs:
   validate_xref:
     runs-on: ubuntu-22.04
-    env:
-      COMPONENT_NAME: cloud
-      COMPONENT_BRANCH_NAME: ${{ github.head_ref }}
     steps:
       - name: Validate xref
         uses: bonitasoft/bonita-documentation-site/.github/actions/build-pr-site/@master
         with:
-          # '>' Replace newlines with spaces (folded)
-          # '-' No newline at end (strip)
-          build-preview-command: >-
-            ./build-preview.bash
-            --component "${{ env.COMPONENT_NAME }}"
-            --branch "${{ env.COMPONENT_BRANCH_NAME }}"
+          component-name: cloud
           fail-on-warning: true
diff --git a/.github/workflows/contribution-checks.yml b/.github/workflows/contribution-checks.yml
index 2a0d3f9..72c17ca 100644
--- a/.github/workflows/contribution-checks.yml
+++ b/.github/workflows/contribution-checks.yml
@@ -1,10 +1,10 @@
 name: Contribution checks
 
 on:
-  pull_request:
+  pull_request_target:
 
 jobs:
   check_antora_content_guidelines:
     permissions:
       pull-requests: write # "pr-antora-content-guidelines-checker" write PR comments when the PR doesn't match the "Guidelines"
-    uses: bonitasoft/bonita-documentation-site/.github/workflows/_reusable_pr-antora-content-guidelines-checker.yml@master
\ No newline at end of file
+    uses: bonitasoft/bonita-documentation-site/.github/workflows/_reusable_pr-antora-content-guidelines-checker.yml@master