Update permission to write commit statuses. #70
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish Storybook to GitHub Pages | |
on: | |
push: | |
branches: | |
- 'main' | |
# WARNING: This allows storybook-branch-switcher CLI to run `npm run ${arbitrary_script}` | |
# BUT the worst it can do is: | |
# - force changes to our GitHub Pages website, | |
# - force commit status updates, | |
# unless the permissions key below is changed. | |
pull_request_target: | |
types: [opened, synchronize, reopened] | |
# Be careful about changing these, due to pull_request_target trigger. | |
permissions: | |
contents: read | |
pages: write | |
id-token: write | |
statuses: write | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: true | |
# See: https://github.com/bitovi/github-actions-storybook-to-github-pages | |
- uses: bitovi/[email protected] | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
build_command: "npx sb-branch-switcher --config .storybook/.branches.json" | |
path: dist/storybook-bundle | |
# Done manually so we can checkout submodule | |
checkout: false | |
# See: https://github.com/ouzi-dev/commit-status-updater/pull/533 | |
- uses: patcon/commit-status-updater@patch-1 | |
if: ${{ github.event_name == 'pull_request_target' }} | |
with: | |
status: "success" | |
url: "https://civictechto.github.io/polis-storybook/PR-${{ github.event.number }}/" | |
name: "Storybook" | |
description: "This branch now available." |