Currently, for PRs opened by external contributors, the various lint checks don't run (sometimes causing code that fails basic lint checks to be committed to main).

From my current understanding (I find the docs around this confusing), we need to instead use the "pull_request" target.

Refs:

* https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#pull_request
* https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/

Note that even then, we will need a manual step to approve running the lints for first-time contributors. Which is fine, at least we'll see the option, unlike right now where they just can't be run until the code hits main.
37 lines
949 B
YAML
```yaml
name: "Verify build (docs)"

# Preflight build of docs. This allows us to ensure that yarn build is
# succeeding before we merge the PR into main.

on:
  # Run on every pull request (open or push to it) that changes docs/
  pull_request:
    paths:
      - "docs/**"
      - ".github/workflows/docs-verify-build.yml"

jobs:
  verify-build:
    runs-on: ubuntu-latest

    defaults:
      run:
        working-directory: docs

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup node and enable yarn caching
        uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: "yarn"
          cache-dependency-path: "docs/yarn.lock"

      - name: Install dependencies
        run: yarn install

      - name: Build production site
        run: yarn build
```
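The trigger choice discussed in the commit message can be audited across a repository's workflow files. The following Python sketch is an added example, not code from this repository: it reads the top-level `on:` key of a workflow and reports whether a PR from a fork can reach it. The function names and the sample workflows are assumptions made for illustration.

```python
import re

# Fork-PR behaviour per trigger, summarised from the GitHub docs linked above.
NOTES = {
    "push": "not triggered on the base repo by a fork PR; first runs after merge",
    "pull_request": "runs for fork PRs with a read-only token and no secrets",
    "pull_request_target": "runs in the base repo context with secrets available",
}

# Constructed sample workflows (not taken from the repository).
PUSH_ONLY = "name: lint\non:\n  push:\n    branches: [main]\njobs: {}\n"
PR_PATHS = 'name: docs\non:\n  # docs only\n  pull_request:\n    paths:\n      - "docs/**"\njobs: {}\n'

def triggers(workflow_text):
    """Return event names under the top-level `on:` key.

    Handles scalar (`on: push`), flow list (`on: [push, pull_request]`) and
    block forms. Line-based reader, not a YAML parser (assumes usual layout).
    """
    lines = workflow_text.splitlines()
    for i, line in enumerate(lines):
        m = re.match(r"""^["']?on["']?\s*:\s*(.*)$""", line)
        if not m:
            continue
        inline = m.group(1).split("#")[0].strip()
        if inline:
            return [e.strip(" \"'") for e in inline.strip("[]").split(",") if e.strip()]
        events, indent = [], None
        for child in lines[i + 1:]:
            if not child.strip() or child.lstrip().startswith("#"):
                continue
            depth = len(child) - len(child.lstrip())
            if depth == 0:
                break  # reached the next top-level key
            indent = depth if indent is None else indent
            if depth == indent:  # direct children of `on:` only
                events.append(child.strip().lstrip("- ").split(":")[0].strip(" \"'"))
        return events
    return []

def audit(workflow_text):
    """Return ({trigger: note}, reachable_from_fork_pr) for one workflow file."""
    found = triggers(workflow_text)
    report = {e: NOTES.get(e, "not a pull-request trigger") for e in found}
    return report, any(e in ("pull_request", "pull_request_target") for e in found)
```

A workflow for which `audit` returns `False` as its second value is one whose checks an external contributor's PR cannot trigger before merge; one that lists `pull_request_target` deserves a manual look at what it checks out and runs.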