Problem
External contributors who submit PRs from forks do not get preview deployments. GitHub blocks secrets from being passed to workflows triggered by fork pull requests, so BUILD_PREVIEW_TOKEN is unavailable and the deploy step fails silently.
This was first noticed with PR #43 from @fl-modex.
Fix
Split the preview workflow into two steps:
- Build (
pull_request trigger) — no secrets needed, safe for forks
- Deploy (
workflow_run trigger) — runs in base repo context, has access to secrets
Tracked in PR #50.
Problem
External contributors who submit PRs from forks do not get preview deployments. GitHub blocks secrets from being passed to workflows triggered by fork pull requests, so
BUILD_PREVIEW_TOKENis unavailable and the deploy step fails silently.This was first noticed with PR #43 from @fl-modex.
Fix
Split the preview workflow into two steps:
pull_requesttrigger) — no secrets needed, safe for forksworkflow_runtrigger) — runs in base repo context, has access to secretsTracked in PR #50.