ci: make workflows better work for PR created from forked repo (#225)

"contribution checks" The workflow now runs on `pull_request_target` events. There are no security issues here. Checks are made only on the updated PR file without doing any tool installation, cache update or branch check. Only the GitHub API is used. Using this event allows you to create a PR comment when the PR is created from a forked repository. "build preview" and "references validation" workflows. The content of the branch of the fork is now correctly used. Previously, the branch of the fork wasn't found by Antora, so the content of the generated site was empty. ### Notes Covers bonitasoft/bonita-documentation-site#402 Covers bonitasoft/bonita-documentation-site#685
bonitasoft · Apr 18, 2024 · 6784f55 · 6784f55
1 parent ff08c06
commit 6784f55
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 13 deletions.
diff --git a/.github/workflows/build-pr-preview.yml b/.github/workflows/build-pr-preview.yml
@@ -6,22 +6,12 @@ on:
       - 'modules/**'
       - 'antora.yml'
       - '.github/workflows/build-pr-preview.yml'
-
 jobs:
   validate_xref:
     runs-on: ubuntu-22.04
-    env:
-      COMPONENT_NAME: bcd
-      COMPONENT_BRANCH_NAME: ${{ github.head_ref }}
-      COMPONENT_VERSION: ${{ github.base_ref }} # The base_ref or target branch of the pull request in a workflow run.
     steps:
       - name: Validate xref
         uses: bonitasoft/bonita-documentation-site/.github/actions/build-pr-site/@master
         with:
-          # '>' Replace newlines with spaces (folded)
-          # '-' No newline at end (strip)
-          build-preview-command: >-
-            ./build-preview.bash
-            --component "${{ env.COMPONENT_NAME }}"
-            --branch "${{ env.COMPONENT_BRANCH_NAME }}"
+          component-name: bcd
           fail-on-warning: true
diff --git a/.github/workflows/contribution-checks.yml b/.github/workflows/contribution-checks.yml
@@ -1,10 +1,10 @@
 name: Contribution checks
 
 on:
-  pull_request:
+  pull_request_target:
 
 jobs:
   check_antora_content_guidelines:
     permissions:
       pull-requests: write # "pr-antora-content-guidelines-checker" write PR comments when the PR doesn't match the "Guidelines"
-    uses: bonitasoft/bonita-documentation-site/.github/workflows/_reusable_pr-antora-content-guidelines-checker.yml@master
+    uses: bonitasoft/bonita-documentation-site/.github/workflows/_reusable_pr-antora-content-guidelines-checker.yml@master