From 02d682c9972fcc05e189626293f985f6a0eda3a1 Mon Sep 17 00:00:00 2001
From: Thomas Bouffard <27200110+tbouffard@users.noreply.github.com>
Date: Thu, 18 Apr 2024 11:36:20 +0200
Subject: [PATCH] ci: make workflows better work for PR created from forked
 repo

"contribution checks"
The workflow now runs on `pull_request_target` events.
There is no security issue here. The checks are done only on the updated file of the PR without
doing tool installation, cache update or branch checkout. Only the GitHub API is used.
Using this event lets create a PR comment when the PR is created from a forked repository.

"build preview" and "references validation" workflows.
The content of the branch of the fork is now correctly used. Previously, the branch of the fork
wasn't found by Antora, so the content of the generated site was empty.
---
 .github/workflows/build-pr-preview.yml    | 12 ++----------
 .github/workflows/contribution-checks.yml |  4 ++--
 2 files changed, 4 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/build-pr-preview.yml b/.github/workflows/build-pr-preview.yml
index 4d331bd..7e3c1f7 100644
--- a/.github/workflows/build-pr-preview.yml
+++ b/.github/workflows/build-pr-preview.yml
@@ -3,23 +3,15 @@ name: Build PR preview
 on:
   pull_request:
     paths:
-      - 'modules/ROOT/**'
+      - 'modules/**'
       - 'antora.yml'
       - '.github/workflows/build-pr-preview.yml'
 jobs:
   validate_xref:
     runs-on: ubuntu-22.04
-    env:
-      COMPONENT_NAME: cloud
-      COMPONENT_BRANCH_NAME: ${{ github.head_ref }}
     steps:
       - name: Validate xref
         uses: bonitasoft/bonita-documentation-site/.github/actions/build-pr-site/@master
         with:
-          # '>' Replace newlines with spaces (folded)
-          # '-' No newline at end (strip)
-          build-preview-command: >-
-            ./build-preview.bash
-            --component "${{ env.COMPONENT_NAME }}"
-            --branch "${{ env.COMPONENT_BRANCH_NAME }}"
+          component-name: cloud
           fail-on-warning: true
diff --git a/.github/workflows/contribution-checks.yml b/.github/workflows/contribution-checks.yml
index 2a0d3f9..72c17ca 100644
--- a/.github/workflows/contribution-checks.yml
+++ b/.github/workflows/contribution-checks.yml
@@ -1,10 +1,10 @@
 name: Contribution checks
 
 on:
-  pull_request:
+  pull_request_target:
 
 jobs:
   check_antora_content_guidelines:
     permissions:
       pull-requests: write # "pr-antora-content-guidelines-checker" write PR comments when the PR doesn't match the "Guidelines"
-    uses: bonitasoft/bonita-documentation-site/.github/workflows/_reusable_pr-antora-content-guidelines-checker.yml@master
\ No newline at end of file
+    uses: bonitasoft/bonita-documentation-site/.github/workflows/_reusable_pr-antora-content-guidelines-checker.yml@master