@@ -4,7 +4,7 @@ name: Preview Deploy
44
55on :
66 workflow_run :
7- workflows : [" Preview Build" ]
7+ workflows : [' Preview Build' ]
88 types :
99 - completed
1010
@@ -14,14 +14,14 @@ permissions:
1414jobs :
1515 deploy-site :
1616 permissions :
17- actions : read # for dawidd6/action-download-artifact to query and download artifacts
18- issues : write # for actions-cool/maintain-one-comment to modify or create issue comments
19- pull-requests : write # for actions-cool/maintain-one-comment to modify or create PR comments
17+ actions : read # for dawidd6/action-download-artifact to query and download artifacts
18+ issues : write # for actions-cool/maintain-one-comment to modify or create issue comments
19+ pull-requests : write # for actions-cool/maintain-one-comment to modify or create PR comments
2020 name : deploy preview
2121 runs-on : ubuntu-latest
2222 if : >
23- github.event.workflow_run.event == 'pull_request' &&
24- github.event.workflow_run.conclusion == 'success'
23+ github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success'
24+
2525steps :
2626 # We need get PR id first
2727 - name : download pr artifact
@@ -31,10 +31,16 @@ jobs:
3131 run_id : ${{ github.event.workflow_run.id }}
3232 name : pr
3333
34- # Save PR id to output
34+ # Save PR id to output and validate it's a number
3535 - name : save PR id
3636 id : pr
37- run : echo "id=$(<pr-id.txt)" >> $GITHUB_OUTPUT
37+ run : |
38+ PR_ID=$(cat pr-id.txt)
39+ if ! [[ "$PR_ID" =~ ^[0-9]+$ ]]; then
40+ echo "Invalid PR ID: Not a number"
41+ exit 1
42+ fi
43+ echo "id=$PR_ID" >> $GITHUB_OUTPUT
3844
3945# Download site artifact
4046 - name : download site artifact
4652
4753 - name : upload surge service
4854 id : deploy
55+ env :
56+ PR_ID : ${{ steps.pr.outputs.id }}
4957 run : |
50- export DEPLOY_DOMAIN=https://preview-${{ steps.pr.outputs.id }} -ant-design-web3.surge.sh
51- npx surge --project ./ --domain $ DEPLOY_DOMAIN --token ${{ secrets.SURGE_TOKEN }}
58+ DEPLOY_DOMAIN=" https://preview-${PR_ID} -ant-design-web3.surge.sh"
59+ npx surge --project ./ --domain "${ DEPLOY_DOMAIN}" --token ${{ secrets.SURGE_TOKEN }}
5260
5361name : update status comment
5462 uses : actions-cool/maintain-one-comment@v3
@@ -73,14 +81,14 @@ jobs:
7381
7482 build-site-failed :
7583 permissions :
76- actions : read # for dawidd6/action-download-artifact to query and download artifacts
77- issues : write # for actions-cool/maintain-one-comment to modify or create issue comments
78- pull-requests : write # for actions-cool/maintain-one-comment to modify or create PR comments
84+ actions : read # for dawidd6/action-download-artifact to query and download artifacts
85+ issues : write # for actions-cool/maintain-one-comment to modify or create issue comments
86+ pull-requests : write # for actions-cool/maintain-one-comment to modify or create PR comments
7987 name : build preview failed
8088 runs-on : ubuntu-latest
8189 if : >
82- github.event.workflow_run.event == 'pull_request' &&
83- github.event.workflow_run.conclusion == 'failure'
90+ github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'failure'
91+
8492steps :
8593 # We need get PR id first
8694 - name : download pr artifact
@@ -90,10 +98,16 @@ jobs:
9098 run_id : ${{ github.event.workflow_run.id }}
9199 name : pr
92100
93- # Save PR id to output
101+ # Save PR id to output and validate it's a number
94102 - name : save PR id
95103 id : pr
96- run : echo "id=$(<pr-id.txt)" >> $GITHUB_OUTPUT
104+ run : |
105+ PR_ID=$(cat pr-id.txt)
106+ if ! [[ "$PR_ID" =~ ^[0-9]+$ ]]; then
107+ echo "Invalid PR ID: Not a number"
108+ exit 1
109+ fi
110+ echo "id=$PR_ID" >> $GITHUB_OUTPUT
97111
98112name : The job has failed
99113 uses : actions-cool/maintain-one-comment@v3
0 commit comments