Skip to content
CI

docs: document revoke UI and My Attestations page #34

Sign in to view logs

docs: document revoke UI and My Attestations page

docs: document revoke UI and My Attestations page #34

Workflow file for this run

.github/workflows/ci.yml at 69b4435
name: CI
on:
push:
branches: [main]
pull_request:
workflow_dispatch:
env:
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Set up Node.js
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
with:
node-version: 22
cache: npm
- name: Install dependencies
run: npm ci
- name: Generate Prisma client
run: |
npx prisma generate
bash scripts/patch-prisma-for-workers.sh
- name: ESLint
run: npm run lint
- name: actionlint
run: |
bash <(curl -sS https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
./actionlint -color
- name: ShellCheck
run: shellcheck scripts/*.sh
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Set up Node.js
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
with:
node-version: 22
cache: npm
- name: Install dependencies
run: npm ci
- name: Generate Prisma client
run: |
npx prisma generate
bash scripts/patch-prisma-for-workers.sh
- name: Type check
run: npm run type-check
- name: Run tests
run: npm test
# ── Detect deployable changes ────────────────────────────────────────────────
changes:
name: Check changes
runs-on: ubuntu-latest
outputs:
deployable: ${{ steps.filter.outputs.deployable }}
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 2
- name: Detect deployable file changes
id: filter
run: |
# On manual dispatch, always deploy.
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
echo "deployable=true" >> "$GITHUB_OUTPUT"
exit 0
fi
CHANGED=$(git diff --name-only HEAD~1 HEAD)
echo "Changed files:"
echo "$CHANGED"
if echo "$CHANGED" | grep -qE '^(src/|docs/|prisma/|scripts/|package|tsconfig|wrangler\.toml)'; then
echo "deployable=true" >> "$GITHUB_OUTPUT"
else
echo "deployable=false" >> "$GITHUB_OUTPUT"
echo "No deployable changes — deploy will be skipped."
fi
# ── Deploy (main only, after lint + test pass, deployable changes only) ────
deploy:
name: Deploy
needs: [lint, test, changes]
if: >-
github.ref == 'refs/heads/main' &&
needs.changes.outputs.deployable == 'true'
runs-on: ubuntu-latest
environment: production
permissions:
contents: read
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Set up Node.js
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
with:
node-version: 22
cache: npm
- name: Install dependencies
run: npm ci
- name: Generate Prisma client
run: |
npx prisma generate
bash scripts/patch-prisma-for-workers.sh
- name: Build
run: npm run build
- name: Set D1 database ID
run: |
if [ -n "$CF_D1_DATABASE_ID" ]; then
sed -i 's|^database_id = "[^"]*"|database_id = "'"$CF_D1_DATABASE_ID"'"|' wrangler.toml
fi
env:
CF_D1_DATABASE_ID: ${{ secrets.CF_D1_DATABASE_ID }}
- name: Run D1 migrations
run: npx wrangler d1 migrations apply action-gate
env:
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
- name: Deploy API worker
run: npx wrangler deploy
env:
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
- name: Stamp git SHA into dashboard
run: sed -i "s/__GIT_SHA__/${GITHUB_SHA::8}/g" docs/index.html docs/my-attestations.html
- name: Deploy dashboard
run: npx wrangler pages deploy docs --project-name action-gate-dashboard
env:
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}