feat(workflows): add reusable Docusaurus workflow (DX-2760)#1398
feat(workflows): add reusable Docusaurus workflow (DX-2760)#1398
Conversation
Convert docs-test and docs-deploy composite actions to reusable workflows for consistency with other .github workflows.
|
👋 sebawo, thanks for creating this pull request! To help reviewers, please consider creating future PRs as drafts first. This allows you to self-review and make any final changes before notifying the team. Once you're ready, you can mark it as "Ready for review" to request feedback. Thanks! |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
…cusaurus Single reusable workflow with two jobs: docs-test (build + test) and docs-deploy (build + deploy to GitHub Pages). Deploy runs after test succeeds. Remove reusable-docs-test.yml and reusable-docs-deploy.yml.
sebawo
changed the title
Pin smartcontractkit/.github/actions/setup-nodejs to commit hash (43fe7fd) to resolve CodeQL unpinned-action warning.
Co-authored-by: chainchad <96362174+chainchad@users.noreply.github.com>
| working-directory: ${{ inputs.docs-directory }} | ||
| env: | ||
| BUILD_COMMAND: ${{ inputs.build-command }} | ||
| run: $BUILD_COMMAND |
There was a problem hiding this comment.
I wonder if we should get rid of the first job, and just have one job since we have to build? We coudl run build and test in this job.
| id-token: write | ||
| steps: | ||
| - name: Checkout repo | ||
| if: inputs.checkout-repo == 'true' |
There was a problem hiding this comment.
This should not be optional. We have it in actions because the calling job may or may not checkout the repo before calling the action.
Because this is a self-contained reusable workfow, these jobs are standalone and require a checkout.
| checkout-repo: | ||
| description: "enable git checkout repo" | ||
| required: false | ||
| type: string | ||
| default: "true" | ||
| checkout-repo-fetch-depth: | ||
| description: "number of commits to fetch" | ||
| required: false | ||
| type: string | ||
| default: "0" |
There was a problem hiding this comment.
I think we can delete these inputs. Checkout is no longer optional, and fetch depth seems like an unnecessary complexity.
|
|
||
| - name: Build documentation | ||
| shell: bash | ||
| working-directory: ${{ inputs.docs-directory }} |
There was a problem hiding this comment.
Should this be in the docs directory or the package.json directory?
There was a problem hiding this comment.
@sebawo - Based on the reference workflow, they use pnpm -C ./docs build at the root of the repository. But they are setting up the node/pnpm using the package-json-directory at ./docs.
Given that, we probably don't need a docs-directory input.
Remove actions/docs-test and actions/docs-deploy; Docusaurus build/test and deploy is now only via reusable-docusaurus.yml workflow. Remove docs-actions-minor changeset and update pnpm-lock.yaml.
Build once, then run test (if set), upload pages artifact, and deploy. Removes duplicate build and second job (docs-deploy).
Co-authored-by: chainchad <96362174+chainchad@users.noreply.github.com>
- reusable-docusaurus: add job-level permissions (contents, pages, id-token) and header comment documenting required permissions; no workflow-level perms - pull-request-main: add workflow-permissions-check job to fail when reusable workflows have non-empty workflow-level permissions
chainchad
force-pushed
the
convert-docs-actions-to-reusable-workflows
branch
from
e4a32e6 to
4575245
Compare
| - uses: actions/checkout@v6 | ||
|
|
||
| - name: Setup nodejs | ||
| uses: smartcontractkit/.github/actions/setup-nodejs@setup-nodejs/v1 |
Check warning
Code scanning / CodeQL
Unpinned tag for a non-immutable Action in workflow Medium
There was a problem hiding this comment.
@chainchad we need to write the custom config to skip those findings for internal actions.
sebawo
changed the title
|
|
||
| - name: Build documentation | ||
| shell: bash | ||
| working-directory: ${{ inputs.docs-directory }} |
There was a problem hiding this comment.
@sebawo - Based on the reference workflow, they use pnpm -C ./docs build at the root of the repository. But they are setting up the node/pnpm using the package-json-directory at ./docs.
Given that, we probably don't need a docs-directory input.
| - name: Upload pages artifact | ||
| uses: actions/upload-pages-artifact@v4.0.0 | ||
| with: | ||
| path: >- | ||
| ${{ inputs.docs-directory }}/${{ inputs.build-output-directory }} | ||
|
|
||
| - name: Deploy to GitHub Pages | ||
| uses: actions/deploy-pages@v4.0.5 |
There was a problem hiding this comment.
This uploads and deploys everytime. Based on the reference workflow, we need a way to:
- Test the build during PR events, and MQ events.
- Build and deploy on pushes to main
| - name: Test documentation | ||
| if: inputs.test-command != '' | ||
| shell: bash | ||
| working-directory: ${{ inputs.docs-directory }} | ||
| env: | ||
| TEST_COMMAND: ${{ inputs.test-command }} | ||
| run: $TEST_COMMAND |
There was a problem hiding this comment.
Based on the reference workflow, there is no "test" step. The testing workflow builds the docs, and that's the validation. Is there other use-cases where there will be a dedicated test for the docs?
3 participants
Add a single reusable workflow for Docusaurus documentation: build, test (optional), and deploy to GitHub Pages. Remove the former composite actions in favor of the workflow only.
Changes
Added
docusaurus): checkout, setup Node.js (pinned ref), build docs, (optional) run tests, upload pages artifact, deploy to GitHub Pages. Build runs once; no duplicate jobs.Callers use one
workflow_callto run build, test, and deploy in a single job.Security
smartcontractkit/.github/actions/setup-nodejsto commit hash (setup-nodejs@0.2.3) to satisfy CodeQL unpinned-action requirement.Removed
Other
actions/docs-testandactions/docs-deployfrom lockfile.