We’ve a community maintained project in an organisation & the it’s deployed on Netlify using GitHub Actions. Interested contributors are free to fork the repo & share their PRs with us. And in ideal scenario, we would like to configure the workflow to:
- Build the website in context to the contents of the PR (which works well & we’ve not faced any issues yet).
- Deploy the built static assets to Netlify to view a preview version of the PR (which fails due to an authentication issue since the secret tokens are no longer available to the workflows of the PRs from forked repos).
I’m aware similar discussions exists at:
- Can I allow PRs to access secrets in an approved environment?
- Access to secrets in PR from fork using environments and pull_request_target
… but none of the threads has any definitive answer to the solution of the problem.
So, I was wondering are we missing out on something? Is it possible to keep using GH Action for our requirements? If so, how do we do it?