Resolve `deploy-docs.yml`

author Yurii Motov <yurii.motov.monte@gmail.com>

Fri, 17 Apr 2026 14:15:05 +0000 (16:15 +0200)

committer Yurii Motov <yurii.motov.monte@gmail.com>

Fri, 17 Apr 2026 14:15:05 +0000 (16:15 +0200)
author Yurii Motov <yurii.motov.monte@gmail.com>
Fri, 17 Apr 2026 14:15:05 +0000 (16:15 +0200)
committer Yurii Motov <yurii.motov.monte@gmail.com>
Fri, 17 Apr 2026 14:15:05 +0000 (16:15 +0200)
diff --git a/.github/workflows/deploy-docs.yml b/.github/workflows/deploy-docs.yml

index 31c3d73fdca034dfb378630993809494355af3c1..972fc742022e6fb414c42af7178d3a25dd52d0ba 100644 (file)
--- a/.github/workflows/deploy-docs.yml
+++ b/.github/workflows/deploy-docs.yml
@@ -1,26 +1,29 @@
  name: Deploy Docs
  on:
-  workflow_run:
+  workflow_run: # zizmor: ignore[dangerous-triggers]
      workflows:
        - Build Docs
      types:
        - completed
  
-permissions:
-  deployments: write
-  issues: write
-  pull-requests: write
-  statuses: write
+permissions: {}
  
  jobs:
    deploy-docs:
      runs-on: ubuntu-latest
+    permissions:
+      deployments: write
+      issues: write
+      pull-requests: write
+      statuses: write
      steps:
        - name: Dump GitHub context
          env:
            GITHUB_CONTEXT: ${{ toJson(github) }}
          run: echo "$GITHUB_CONTEXT"
        - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
        - name: Set up Python
          uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
          with:
@@ -28,10 +31,8 @@ jobs:
        - name: Setup uv
          uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
          with:
-          enable-cache: true
-          cache-dependency-glob: |
-            pyproject.toml
-            uv.lock
+          version: "0.11.4"
+          enable-cache: false
        - name: Install GitHub Actions dependencies
          run: uv sync --locked --no-dev --group github-actions
        - name: Deploy Docs Status Pending
@@ -61,8 +62,8 @@ jobs:
            BRANCH: ${{ ( github.event.workflow_run.head_repository.full_name == github.repository && github.event.workflow_run.head_branch == 'main' && 'main' ) || ( github.event.workflow_run.head_sha ) }}
          uses: cloudflare/wrangler-action@9acf94ace14e7dc412b076f2c5c20b8ce93c79cd # v3.15.0
          with:
-          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
-          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
+          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} # zizmor: ignore[secrets-outside-env]
+          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} # zizmor: ignore[secrets-outside-env]
            command: pages deploy ./site --project-name=${{ env.PROJECT_NAME }} --branch=${{ env.BRANCH }}
        - name: Deploy Docs Status Error
          if: failure()
author	Yurii Motov <yurii.motov.monte@gmail.com>
	Fri, 17 Apr 2026 14:15:05 +0000 (16:15 +0200)
committer	Yurii Motov <yurii.motov.monte@gmail.com>
	Fri, 17 Apr 2026 14:15:05 +0000 (16:15 +0200)