ongdisheng commented on PR #709: URL: https://github.com/apache/fesod/pull/709#issuecomment-3571499652
Hi @alaahong @delei, below is the current configuration I used in my forked repo: 1. Netlify Settings: I noticed that the Netlify bot was still commenting on PRs even when there were no website changes. To fix this, I switched off the automatic deploy previews for PR in the Netlify settings. <img width="593" height="311" alt="image" src="https://github.com/user-attachments/assets/c4a98f7b-c551-46bf-be66-e813b0231d7b"; /> <img width="596" height="404" alt="image" src="https://github.com/user-attachments/assets/49356ffa-aaad-45d4-a052-8caea9a3c7d3"; /> 2. GitHub Actions Workflows: Since we switched off Netlify's automatic deploy previews, all preview builds are now handled by GitHub Actions. I've implemented a secure two-workflow pattern that only builds when `website/**` files change: - [Build Documentation](https://github.com/ongdisheng/fesod/blob/main/.github/workflows/pr-docs-build.yml): Builds the website when `website/**` files change - [Preview Documentation](https://github.com/ongdisheng/fesod/blob/main/.github/workflows/pr-docs-preview.yml): Deploys to Netlify and posts a preview comment ## Summary - The workflows only trigger for PR when `website/**` files change. - The solution is more secure for fork PRs using the two-workflow pattern instead of using `pull_request_target`. - Only one GitHub Actions bot comment will appear per PR with the deploy preview URL, which updates automatically on each push. - All actions use Apache-approved versions with SHA pinning. ## Testing Results on My Own Repo: - [PR with website changes](https://github.com/ongdisheng/fesod/pull/3): Build triggered and preview deployed with comment - [PR without website changes](https://github.com/ongdisheng/fesod/pull/2): No build triggered and no comment Feel free to let me know if you have any questions or suggestions for improvements. Thanks! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
