florent/pages
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Lighthouse Badger token as secret (#2589)

Browse Source 
In the
[FAQ](https://github.com/alshedivat/al-folio/blob/master/FAQ.md#my-webpage-works-locally-but-after-deploying-it-is-not-displayed-correctly-css-and-js-are-not-loaded-properly-how-do-i-fix-that),
it is mentioned to "add it as a secret". However, the Lighthouse Badger
documentation specifies using an environment variable. I've updated this
to use secrets instead, as it is more secure and appropriate for using a
Personal Access Token (PAT).

#### Personal Access Token (fine-grained) Permissions:
- **contents**: access: read and write
- **metadata**: access: read-only

#### Personal Access Token (classic) Permissions:
- **repo**


[refer](https://github.com/MyActionWay/lighthouse-badger-workflows#lighthouse-badger-easyyml:~:text=and%20permissions%20required-,PAT%20(fine%2Dgrained)%3A%20repository%20permissions,-contents%20%3D%3E%20access%3A%20read)

For more information, refer to the [GitHub documentation on using
secrets in GitHub
Actions](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions).
This commit is contained in:
Salman Faroz 2024-07-25 20:37:22 +05:30 committed by GitHub
parent b5247d9eca
commit e7da32f0e4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/lighthouse-badger.yml vendored
View File

@ -12,10 +12,10 @@ name: "Lighthouse Badger"
# DEFINE YOUR INPUTS AND TRIGGERS IN THE FOLLOWING
########################################################################
# INPUTS as environmental variables (env) for not manually triggered workflows
# INPUTS as Secrets (env) for not manually triggered workflows
env:
URLS: https://alshedivat.github.io/al-folio/
TOKEN_NAME: LIGHTHOUSE_BADGER_TOKEN
TOKEN_NAME: ${{ secrets.LIGHTHOUSE_BADGER_TOKEN }}
# If any of the following env is blank, a default value is used instead
REPO_BRANCH: "${{ github.repository }} master" # target repository & branch e.g. 'dummy/mytargetrepo main'
MOBILE_LIGHTHOUSE_PARAMS: "--only-categories=performance,accessibility,best-practices,seo --throttling.cpuSlowdownMultiplier=2"

13
CUSTOMIZE.md
View File

@ -152,3 +152,16 @@ You can add your social media links by adding the specified information at the `
You can add a newsletter subscription form by adding the specified information at the `newsletter` section in the [\_config.yml](_config.yml) file. To set up a newsletter, you can use a service like [Loops.so](https://loops.so/), which is the current supported solution. Once you have set up your newsletter, you can add the form [endpoint](https://loops.so/docs/forms/custom-form) to the `endpoint` field in the `newsletter` section of the [\_config.yml](_config.yml) file.
Depending on your specified footer behavior, the sign up form either will appear at the bottom of the `About` page and at the bottom of blogposts if `related_posts` are enabled, or in the footer at the bottom of each page.
## Adding Token for Lighthouse Badger
To add secrets for [lighthouse-badger](https://github.com/alshedivat/al-folio/actions/workflows/lighthouse-badger.yml), create a [personal access token (PAT)](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-fine-grained-personal-access-token) and add it as a [secret](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-encrypted-secrets-for-a-repository) named `LIGHTHOUSE_BADGER_TOKEN` to your repository. The [lighthouse-badger documentation](https://github.com/MyActionWay/lighthouse-badger-workflows#lighthouse-badger-easyyml) specifies using an environment variable, but using it as a secret is more secure and appropriate for a PAT.
Also In case you face the error: "Input required and not supplied: token" in the Lighthouse Badger action, this solution resolves it.
#### Personal Access Token (fine-grained) Permissions for Lighthouse Badger:
- **contents**: access: read and write
- **metadata**: access: read-only
Due to the necessary permissions (PAT and others mentioned above), it is recommended to use it as a secret rather than an environment variable.

1
INSTALL.md
View File

@ -29,7 +29,6 @@ The recommended approach for using **al-folio** is to first create your own site
4. Wait until the GitHub actions finish (check your repository **Actions** tab). Now, in addition to the master branch, your repository has a newly built gh-pages branch.
5. Finally, in the repository page go to `Settings -> Pages -> Build and deployment`, make sure that `Source` is set to `Deploy from a branch` and set the branch to `gh-pages` (NOT to master).
6. Wait until the GitHub actions finish (check your repository **Actions** tab), then simply navigate to `https://<your-github-username>.github.io` in your browser. At this point you should see a copy of the theme's [demo website](https://alshedivat.github.io/al-folio/).
After everything is set up, you can download the repository to your machine and start customizing it. To do so, run the following commands:
```bash