docs: document preflight token checks
This commit is contained in:
Micheal Wilkinson
@@ -30,7 +30,8 @@ Apply these checks before invoking actions:
|
||||
|
||||
- Checkout repository first.
|
||||
- For prepare/publish flows that depend on tags/history, use full history checkout (`fetch-depth: 0`).
|
||||
- Use valid credentials in `github.token` (or explicit token input for `publish` when needed).
|
||||
- Use valid credentials for release/comment API calls. On GitHub, `secrets.GITHUB_TOKEN` is used; on self-hosted Gitea, set `secrets.GITEA_TOKEN`.
|
||||
- `do-release` and `decorate-pr` now run preflight API checks and fail fast when token credentials are missing or insufficient.
|
||||
- Set required vars/secrets for coverage uploads:
|
||||
- `vars.ARTEFACT_BUCKET_NAME`
|
||||
- `vars.ARTEFACT_BUCKET_ENDPONT`
|
||||
@@ -241,3 +242,4 @@ Use these rules to avoid common automation mistakes:
|
||||
- Do not mix action tags in one workflow update.
|
||||
- Do not assume a release workflow will run from a tag push in all environments; reusable workflow call paths are supported.
|
||||
- Do not treat `VOCIFERATE_REPOSITORY_URL` as a full repository URL; it must be a base URL.
|
||||
- Do not bypass preflight failures with broad retry loops; fix token scope/secret wiring first.
|
||||
|
||||
Reference in New Issue
Block a user