You are viewing a plain text version of this content. The canonical link for it is here.
Posted to github@arrow.apache.org by "alamb (via GitHub)" <gi...@apache.org> on 2023/06/27 18:07:33 UTC
[GitHub] [arrow-rs] alamb commented on a diff in pull request #4452: fix docs deployment
alamb commented on code in PR #4452:
URL: https://github.com/apache/arrow-rs/pull/4452#discussion_r1244155865
##########
.github/workflows/docs.yml:
##########
@@ -66,20 +66,32 @@ jobs:
- name: Upload artifacts
uses: actions/upload-pages-artifact@v1
with:
+ name: crate-docs
path: target/doc
deploy:
# Only deploy if a push to master
if: github.ref_name == 'master' && github.event_name == 'push'
needs: docs
permissions:
- pages: write # to deploy to Pages
- id-token: write # to verify the deployment originates from an appropriate source
- environment:
- name: github-pages
- url: ${{ steps.deployment.outputs.page_url }}
+ contents: write
runs-on: ubuntu-latest
steps:
- - name: Deploy to GitHub Pages
- id: deployment
- uses: actions/deploy-pages@v2
+ - uses: actions/checkout@v3
+ - name: Download crate docs
+ uses: actions/download-artifact@v3
+ with:
+ name: crate-docs
+ path: website/build
+ - name: Prepare website
+ run: |
+ tar -xf website/build/artifact.tar -C website/build
+ rm website/build/artifact.tar
+ cp .asf.yaml ./website/build/.asf.yaml
+ - name: Deploy to gh-pages
Review Comment:
I think we try to avoid using third-party github actions, as they can potentially be an attack vector.
I wonder what you think about using `git` directly like this?
https://github.com/apache/arrow-datafusion/blob/1d7cfe2256f6416afbd12b04af5b095b23b78c5d/.github/workflows/docs.yaml#L45-L64
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@arrow.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org