.github/actions/deploy-to-github-pages: use Cloudflare API directly

[ttaylorr]

As pointed out in [1], using the cloudflare-purge-action incurs a ~31 second penalty at the start of the "deploy" action, where time is spent building a Docker container to run the action.

This is unnecessary, since Cloudflare has a straightforward REST API that we can use cURL to communicate with directly, without the extra start-up cost.

Let's do that instead, and move this to run in the deploy-to-github-pages action, which is run from multiple entry points, all of which will want to purge the Cloudflare caches upon deployment.

[1]: #1893 (comment)

/cc @dscho

[dscho]

Great work! I just had one concern regarding using secrets in a composite Action. Otherwise I like it!

[dscho]

I fear that this won't work, as composite GitHub Actions do not allow access to secrets; They have to be passed in as inputs IIRC. Did you get a chance to test this in your fork?

[ttaylorr]

Ah, great catch. I fixed this up in the last commit that I force-pushed back up, which should do the trick.

[ttaylorr]

I tested this in my fork here and it works!

log output

2024-10-04T18:40:30.0647106Z ##[group]Run curl "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE/purge_cache" \
2024-10-04T18:40:30.0648004Z �[36;1mcurl "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE/purge_cache" \�[0m
2024-10-04T18:40:30.0648696Z �[36;1m  -H "Authorization: ***" \�[0m
2024-10-04T18:40:30.0649066Z �[36;1m  -H "Content-Type: application/json" \�[0m
2024-10-04T18:40:30.0649467Z �[36;1m  -d '{ "purge_everything": true }'�[0m
2024-10-04T18:40:30.0673380Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
2024-10-04T18:40:30.0673777Z env:
2024-10-04T18:40:30.0673980Z   GITHUB_PAGES: true
2024-10-04T18:40:30.0674224Z   HUGO_VERSION: 0.134.3
2024-10-04T18:40:30.0674478Z   PAGEFIND_VERSION: 1.1.1
2024-10-04T18:40:30.0674855Z   CLOUDFLARE_ZONE: ***
2024-10-04T18:40:30.0675255Z   CLOUDFLARE_TOKEN: ***
2024-10-04T18:40:30.0675501Z ##[endgroup]
2024-10-04T18:40:30.0766684Z   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
2024-10-04T18:40:30.0768611Z                                  Dload  Upload   Total   Spent    Left  Speed
2024-10-04T18:40:30.0769184Z 
2024-10-04T18:40:30.4802046Z   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
2024-10-04T18:40:30.4809963Z 100   148    0   120  100    28    297     69 --:--:-- --:--:-- --:--:--   366
2024-10-04T18:40:30.4810900Z 100   148    0   120  100    28    296     69 --:--:-- --:--:-- --:--:--   365
2024-10-04T18:40:30.4811458Z {
2024-10-04T18:40:30.4812102Z   "result": {
2024-10-04T18:40:30.4814641Z     "id": "***"
2024-10-04T18:40:30.4815018Z   },
2024-10-04T18:40:30.4815341Z   "success": true,
2024-10-04T18:40:30.4815737Z   "errors": [],
2024-10-04T18:40:30.4816106Z   "messages": []
2024-10-04T18:40:30.4816464Z }

The workflow failure is a result of unrelated test failures, but I think this patch here is good.

[dscho]

The workflow failure is a result of unrelated test failures

To be precise, it is (as can be verified by downloading the playwright-report artifact:

2024-10-04T18:41:07.9809690Z 1) [chrome] › git-scm.spec.js:201:1 › book ───────────────────────────────────────────────────────
2024-10-04T18:41:07.9810522Z
2024-10-04T18:41:07.9811847Z Error: Timed out 5000ms waiting for expect(locator).toHaveURL(expected)
2024-10-04T18:41:07.9812982Z
2024-10-04T18:41:07.9813230Z Locator: locator(':root')
2024-10-04T18:41:07.9814002Z Expected string: "http://ttaylorr.com/git-scm.com/book/en/v2"
2024-10-04T18:41:07.9815314Z Received string: "https://ttaylorr.com/git-scm.com/book/en/v2"

In other words, for some reason the workflow run thinks that the baseURL is an http (unsecured) URL, while the received URL is an https (secure) one.

So yes, this is an unrelated error. Thank you for verifying that it works!

[dscho]

Very nice. This run took only 4 minutes and 39 seconds, and the Cloudflare API call contributed less than half a second:

[...]
2024-10-06T11:03:22.1425543Z ##[group]Run curl "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE/purge_cache"
2024-10-06T11:03:22.1426381Z curl "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE/purge_cache"
2024-10-06T11:03:22.1427152Z -H "Authorization: ***"
2024-10-06T11:03:22.1427543Z -H "Content-Type: application/json"
2024-10-06T11:03:22.1427958Z -d '{ "purge_everything": true }'
2024-10-06T11:03:22.1451407Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
2024-10-06T11:03:22.1451827Z env:
2024-10-06T11:03:22.1452047Z GITHUB_PAGES: true
2024-10-06T11:03:22.1452311Z HUGO_VERSION: 0.134.3
2024-10-06T11:03:22.1452584Z PAGEFIND_VERSION: 1.1.1
2024-10-06T11:03:22.1452968Z CLOUDFLARE_ZONE: ***
2024-10-06T11:03:22.1453403Z CLOUDFLARE_TOKEN: ***
2024-10-06T11:03:22.1453681Z ##[endgroup]
2024-10-06T11:03:22.1545000Z % Total % Received % Xferd Average Speed Time Time Time Current
2024-10-06T11:03:22.1547167Z Dload Upload Total Spent Left Speed
2024-10-06T11:03:22.1547722Z
2024-10-06T11:03:22.5358673Z 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
2024-10-06T11:03:22.5359585Z {
2024-10-06T11:03:22.5360058Z "result": {
2024-10-06T11:03:22.5360852Z "id": "***"
2024-10-06T11:03:22.5361572Z 100 148 0 120 100 28 314 73 --:--:-- --:--:-- --:--:-- 388
2024-10-06T11:03:22.5362301Z },
2024-10-06T11:03:22.5362653Z "success": true,
2024-10-06T11:03:22.5363079Z "errors": [],
2024-10-06T11:03:22.5363487Z "messages": []
2024-10-06T11:03:22.5363883Z }
2024-10-06T11:03:22.5406558Z ##[group]Run base_url='http://git-scm.com'
[...]