Skip to content

Commit 56ff465

Browse files
Setup GitHub actions
1 parent 9961e2f commit 56ff465

File tree

1 file changed

+35
-0
lines changed

1 file changed

+35
-0
lines changed

.github/workflows/pr.yml

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
name: CI
2+
on:
3+
push: {}
4+
pull_request_target:
5+
types: [opened, reopened, synchronize]
6+
jobs:
7+
build:
8+
name: Preview
9+
runs-on: ubuntu-22.04
10+
steps:
11+
- uses: actions/checkout@v4
12+
# SECURITY: We are checking out dnsconfig.js and creds.json from the PR.
13+
# These two files cannot perform I/O, and cannot thus be used to leak
14+
# the secret tokens.
15+
# - name: Checkout config from PR
16+
# run: |
17+
# git fetch origin +refs/pull/${{ github.event.pull_request.number }}/head
18+
# git checkout FETCH_HEAD -- dnsconfig.js
19+
- name: Generate preview
20+
id: preview
21+
run: |
22+
{
23+
echo DNS_CONTROL_PREVIEW_OUTPUT<<DNS_CONTROL_PREVIEW_OUTPUT
24+
docker run --rm -v "$(pwd):/dns" --env CLOUDFLARE_ACCOUNT_ID --env CLOUDFLARE_API_TOKEN ghcr.io/stackexchange/dnscontrol:4.18.0 preview
25+
echo DNS_CONTROL_PREVIEW_OUTPUT
26+
} | tee -a $GITHUB_OUTPUT
27+
env:
28+
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
29+
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN_READ_ONLY }}
30+
- name: Create comment
31+
uses: babel/actions/create-comment@v2
32+
with:
33+
token: ${{ secrets.GITHUB_TOKEN }}
34+
issue: 1
35+
comment: ${{ join(steps.preview.outputs.*, '\n') }}

0 commit comments

Comments
 (0)