Skip to content

Commit 2472c4a

Browse files
authored
docs(deploy): describe new PAT-based dispatch credential (#55)
1 parent c29404a commit 2472c4a

1 file changed

Lines changed: 10 additions & 8 deletions

File tree

.github/workflows/deploy.yml

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -8,22 +8,24 @@
88
# Triggers:
99
# - repository_dispatch (event type: docs-changed) — fired by
1010
# `.github/workflows/docs-deploy-trigger.yml` in `sbpp/sourcebans-pp` after a
11-
# push to main that touches `docs/**`. The dispatcher mints a short-lived
12-
# installation token via the org-owned `sbpp-docs-deploy` GitHub App
13-
# (Actions: write scope on this repo only) so we never need a PAT.
11+
# push to main that touches `docs/**`. The dispatcher authenticates with a
12+
# fine-grained PAT (`Actions: write` scope on this repo only) stored as
13+
# `secrets.DOCS_DEPLOY_PAT` over there.
1414
# - workflow_dispatch — manual button in the Actions UI for forced redeploys.
15+
# Always available; no credentials needed (runs entirely inside this repo).
1516
# - schedule (weekly Sunday) — safety net in case a dispatch is dropped, the
1617
# upstream source is unreachable at dispatch time, or a previous deploy
1718
# failed silently.
1819
#
1920
# MANUAL SETUP REQUIRED (see issue #1333 cutover steps; cannot be configured in
2021
# workflow YAML):
2122
# - Settings → Pages → Source must be set to "GitHub Actions" (UI-only).
22-
# - The `sbpp-docs-deploy` GitHub App must exist with `Actions: write` scope on
23-
# this repo, be installed on this repo, and have its App ID + private key
24-
# registered as `vars.DOCS_DEPLOY_APP_ID` + `secrets.DOCS_DEPLOY_APP_KEY` in
25-
# `sbpp/sourcebans-pp` (consumed by the dispatcher there — not by anything
26-
# here).
23+
# - For automatic deploys on docs PR merges (optional — `workflow_dispatch`
24+
# and the weekly cron cover the bases otherwise): create a fine-grained PAT
25+
# scoped to `sbpp/sbpp.github.io` only with the `Actions: Read and write`
26+
# repository permission, then register it on `sbpp/sourcebans-pp` as
27+
# `secrets.DOCS_DEPLOY_PAT`. The dispatcher there picks it up; no setup
28+
# is needed in this repo.
2729

2830
name: Deploy docs to Pages
2931

0 commit comments

Comments
 (0)