Can't teardown preview using pull-request https://github.com/debezium/debezium.github.io/runs/3817363212?check_suite_focus=true

Error: The process '/usr/local/bin/npx' failed with exit code 1
Error: Resource not accessible by integration

PR：ant-design-colorful/ant-design-colorful#16

PR 预览：https://ant-design-colorful-ant-design-colorful-preview-pr-16.surge.sh/

项目是通过 Dumi 构建，放到 GitHub Pages 上，通过 base 和 publicPath 设置了二级目录，访问时候也是需要二级目录。

给的预览地址好像默认还是一级的，我怎么样才能访问到二级？

There hasn't been a release in ~2 years and the repository owner hasn't answered in the issues for a while.

I was wondering if this action is still maintained?

现象见：antvis/antvis.github.io#85 (comment)

解决方式见：#59

需要挨个去发 PR：

• https://github.com/ant-design/ant-design-pro 🔀 ant-design/ant-design-pro#7588
• https://github.com/ant-design/pro-components 🔀 ant-design/pro-components@fb2245e
• https://github.com/NG-ZORRO/ng-zorro-antd
• https://github.com/antvis/antvis.github.io 🔀 antvis/antvis.github.io#87
• https://github.com/antvis/gatsby-theme-antv 🔀 antvis/gatsby-theme-antv#251
• https://github.com/antvis/g2 🔀 antvis/G2#3011
• https://github.com/antvis/g6 🔀 antvis/G6#2274
• https://github.com/antvis/x6 🔀 antvis/X6#286
• https://github.com/antvis/g2plot 🔀 antvis/G2Plot#1897
• https://github.com/umijs/dumi 🔀 umijs/dumi#374
• https://github.com/alibaba/hooks 🔀 alibaba/hooks#717
• https://github.com/youzan/vant 🔀 youzan/vant#7539
• https://github.com/didi/cube-ui 🔀 didi/cube-ui#742
• https://github.com/didi/mand-mobile 🔀 didi/mand-mobile#718
• https://github.com/jdf2e/nutui 🔀 jdf2e/nutui#348
• https://github.com/ant-design-colorful/ant-design-colorful 🔀 ant-design-colorful/ant-design-colorful@10665b3

比如 项目中只有一个 index.html 在根目录，引入一些 css，没有 build 命令，dist 也是根目录

Description

Hi,

Through this PR, I added PR preview for Devfiles using Surge: devfile/docs#106

However, right here devfile/docs#116, the CI fails and the preview comment is not being generated. Here are the CI logs:

   Running as [email protected] (Student)

        project: ./out/docs
         domain: devfile-docs-preview-pr-116.surge.sh


     encryption: *.surge.sh, surge.sh (136 days)
             IP: 138.197.235.123

   Success! - Published to devfile-docs-preview-pr-116.surge.sh

Error: Resource not accessible by integration

While browsing through the GitHub community, I discovered this: https://github.community/t/github-actions-are-severely-limited-on-prs/18179

However, I did not find such problems on other projects using the same action. Can I get a better direction on how I can solve this problem? Thanks a lot!

one of the action parameters is build, which has a default script.
if not provided by the consuming action, it will run a redundant script npm install etc'.

I had to just set some random command to override it. maybe it's redundant?

jobs:
  preview:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-node@v2
        with:
          node-version: '16'
          cache: 'npm'

      - name: Install Dependencies
        run: npm ci

      - name: Build Site
        run: npm run nx build docs

      - name: Deploy
        uses: afc163/surge-preview@v1
        id: preview_step
        with:
          surge_token: ${{ secrets.SURGE_TOKEN }}
          github_token: ${{ secrets.GITHUB_TOKEN }}
          dist: dist/apps/docs
          teardown: 'true'
          build: echo # required to override default script that may damage the setup

      - name: Get the preview_url
        run: echo "url => ${{ steps.preview_step.outputs.preview_url }}"

Warning: For workflows that are triggered by the pull_request_target event, the GITHUB_TOKEN is granted read/write repository permission unless the permissions key is specified and the workflow can access secrets, even when it is triggered from a fork. Although the workflow runs in the context of the base of the pull request, you should make sure that you do not check out, build, or run untrusted code from the pull request with this event. Additionally, any caches share the same scope as the base branch. To help prevent cache poisoning, you should not save the cache if there is a possibility that the cache contents were altered. For more information, see "Keeping your GitHub Actions and workflows secure: Preventing pwn requests" on the GitHub Security Lab website.
pull_request_target

1. pull_request change to pull_request_target
2. Change checkout ref and repo

- uses: actions/checkout@v2
        with:
          ref: ${{github.event.pull_request.head.ref}}
          repository: ${{github.event.pull_request.head.repo.full_name}}

Example:

https://github.com/gocrane/crane/blob/main/.github/workflows/preview.yml

name: 🔂 Crane PR Docs Preview

on:
  pull_request_target:
    # when using teardown: 'true', add default event types + closed event type
    types: [opened, synchronize, reopened, closed]

jobs:
  preview:
    runs-on: ubuntu-latest
    permissions:
      issues: write
      pull-requests: write
      contents: write
    steps:
      - uses: actions/checkout@v2
        with:
          ref: ${{github.event.pull_request.head.ref}}
          repository: ${{github.event.pull_request.head.repo.full_name}}

      - uses: actions/setup-python@v2
        with:
          python-version: "3.9"

      - run: pip install mkdocs-material mkdocs-static-i18n mike

      - run: git log --oneline --decorate --max-count=10 && ls -la

      - uses: afc163/surge-preview@v1
        with:
          surge_token: ${{ secrets.SURGE_TOKEN }}
          github_token: ${{ secrets.GITHUB_TOKEN }}
          dist: site
          teardown: 'true'
          build: |
           mkdocs build

It works fine.

gocrane/crane#248

https://github.com/gocrane/crane/actions/runs/2102551351/workflow

We are currently getting an error on deployments:

/home/runner/.npm/_npx/4089/lib/node_modules/surge/lib/middleware/util/helpers.js:109
      if (e) throw e
             ^

Error: connect ETIMEDOUT 192.241.214.148:443
    at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1141:16) {
  errno: 'ETIMEDOUT',
  code: 'ETIMEDOUT',
  syscall: 'connect',
  address: '192.241.214.148',
  port: 443
}
Error: The process '/opt/hostedtoolcache/node/12.18.0/x64/bin/npx' failed with exit code 1

I'm not sure if this is possible. It would be nice if this action could be integrated with the native github deployment comment.
See screenshot:

• 第一次 push 有时会拿不到 PR number #13
• 取 check_run_id #14

Thanks for this useful action!

I was interested to try out this with @tbouffard's new addition (#294) to use this action in combination with workflow_run: and teardown: true

However, the current action still assumes it can get the pull_request "state" (open or closed) from the payload

I made a small change to alternatively get the status from the API as well, which seems to work! (relativeorbit/sarbook#7).

https://github.com/afc163/surge-preview/actions/runs/345340018

refer my pull request: ant-design-blazor/ant-design-blazor#592

In order to use surge-preview for pull-request, we have to have 2 workflows:

• one that is bound to pull-request and that will check the PR but not publish to Surge
• another one that is bound to workflow_run thus will be launched when the previous one is completed.

But surge-preview is complaining that it can't find a PR corresponding to the commit id.

Please note that pull_request_target is not an option for us for security reasons

Add an option that will teardown a preview preview when a pull request is closed

This can be configurable, maybe: teardown: "true" or "false"?
When the event action is closed then run the surge teardown <pr-preview-url>

it makes sense for this action to take care of it to ensure the url is generated by one utility

name: teardown

on:
  pull_request:
    types: [closed]

jobs:
  teardown-preview:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: afc163/surge-preview@{version}
        with:
          surge_token: ${{ secrets.SURGE_TOKEN }}
          github_token: ${{ secrets.GITHUB_TOKEN }}
          teardown: 'true'

expected:

A failed surge deployment should also fail the workflow

actual:

A failed surge deployment results in a successful workflow

Example: https://github.com/pixelass/react-js-template/runs/6706296076?check_suite_focus=true

I’m digesting this repo to implement sth similar. This line of code confused me https://github.com/afc163/surge-preview/blob/main/src/main.ts#L135 and I couldn’t figure out where ‘surge’ command line come from?

Could you please share how it works? Thanks.

Hello,
Thank you for providing surge-preview!

I've been using the package well for many months till getting an error recently as of about 2-3 weeks ago.

As you see, the git action process is completed successfully as before.

However, when getting into the preview website by url, I found that the resources are not downloaded properly showing empty page as below:
In this case, I'm using a specific wifi supplied by a telecom company.

But, in case that I use hotspot from my phone, It's downloading resources and opening website properly as below:

I think it's related to the wifi, but It was working well before even with the wifi. Thus, I wonder if there are any changes in surge-preview for the updates.

Please refer to the above and hope to get any valuable answers or solutions.

Thank you!

The action does not leave a comment with the URL of the deployed PR, it just deploys and appears in the action log.

Hi @afc163,
We tried to reach you at [email protected], but unsuccessfully.
Could you please write to [email protected]?