Closed faxblaster closed 10 months ago
Found this related issue and answer: https://github.com/orgs/community/discussions/26657#discussioncomment-3252753
The workaround is to use a pull_request_target trigger as those do not require a merge commit but run the workflow from the target branch. But take note of the warnings in the docs below. https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request_target
The GITHUB_TOKEN
is granted read/write repository permission unless the permissions key is specified.
So it sounds like we could update usage to something like:
# deploy-preview.yml
on:
- pull_request:
+ pull_request_target:
types: [opened, closed]
+permissions: {}
jobs:
deploy-preview:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: tighten/laravel-deploy-preview@v1
with:
forge-token: ${{ secrets.FORGE_TOKEN }}
servers: |
qa-1.acme.dev 60041
I think we actually might have already solved this and I just never came back and looked at these issues 😅 as far as I can tell just adding the closed
event type seems to be enough: https://github.com/tighten/laravel-deploy-preview-app/blob/main/.github/workflows/deploy-preview.yml
I think 'add instructions for doing that manually' might have just meant adding a note about closed
to the readme?
Notes:
pull_request
event doesn't trigger on close, add instructions for doing that manually or set up some other way to trigger cleanup