Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

infra: automatically post documentation previews for PRs #4829

Closed
wants to merge 3 commits into from

Conversation

neongreen
Copy link
Contributor

@neongreen neongreen commented Nov 11, 2024

This adds a new workflow that renders docs, publishes them to https://jj-preview.github.io/docs/, and posts a link to the PR thread.

Ignore all commits except for the last one. (uv changes are #4822)

How it looks in action: neongreen#1

image

TODOs

  • Add people to the jj-preview org
  • Add the deploy key to martinvonz/jj
  • Enable the docs-preview-build workflow for forks

Checklist

If applicable:

  • I have updated CHANGELOG.md
  • I have updated the documentation (README.md, docs/, demos/)
  • I have updated the config schema (cli/src/config-schema.json)
  • I have added tests to cover my changes

@neongreen neongreen force-pushed the push-ntpwlnsprolo branch 2 times, most recently from 23b0db7 to b0d02c6 Compare November 11, 2024 10:11
@neongreen neongreen requested a review from martinvonz November 11, 2024 16:16
@martinvonz
Copy link
Member

@ilyagr, you know much more about the doc generation than I do. Will you have time to review this?

@ilyagr ilyagr self-assigned this Nov 13, 2024
@ilyagr
Copy link
Contributor

ilyagr commented Nov 13, 2024

I will take a look, yes.

#
# 1. ssh-keygen -t ed25519 -C "" -N "" -f <where to put the keypair>
# 2. Add the public key to https://github.com/jj-preview/docs/settings/keys/new
# 3. Add the private key to https://github.com/martinvonz/jj/settings/secrets/actions/new
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm guessing only @martinvonz can do this, right?

Speaking of which, I just invited Martin to the jj-preview org. It's a party now. :)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, Martin needs to add a GH secret. Or give someone a "CI/CD admin" role:

https://github.blog/changelog/2024-09-25-introducing-ci-cd-admin-a-new-pre-defined-organization-role-for-github-actions/

With the new CI/CD Admin role, organization owners and teams can now delegate comprehensive CI/CD management to individuals without the need to maintain a custom role

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added a secret called DOCS_DEPLOY_KEY. Its public key is:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH5kNau/89p02CNJy0I+ijuE0qZUp+HjhZgZLtJ64m9y

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you! I added the public key to https://github.com/jj-preview/docs/settings/keys. I also invited Martin to that org, but there's probably now no immediate need for him to join.

branch: 'main'
clean: true
target-folder: 'pr-${{ github.event.pull_request.number }}'
ssh-key: ${{ secrets.DOCS_DEPLOY_KEY }}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might make sense to add a comment: # Creating this is documented in docs-preview-deploy.yml.

message: |
**📖 Documentation preview is published to https://jj-preview.github.io/docs/pr-${{ env.PR_NUMBER }}.**
Thanks for working on the docs!

Copy link
Contributor

@ilyagr ilyagr Nov 16, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd add:

This feature is experimental, feel free to open a bug or tell us in a chat if something is not working. We may remove it if it's too flaky.

You can always build and serve the docs on your own machine by following the instructions at https://martinvonz.github.io/jj/prerelease/contributing/#previewing-the-html-documentation

- name: Deploy
uses: JamesIves/github-pages-deploy-action@62fec3add6773ec5dbbf18d2ee4260911aa35cf4
with:
folder: empty-dir
Copy link
Contributor

@ilyagr ilyagr Nov 17, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(Thinking out loud, we can fiddle with this later if necessary) This might create a lot of empty dirs.

I don't think it matters much, but perhaps a better approach would be:

  • Deploy a file called PR_CLOSED to the dir in the docs repo here. No need to delete anything.
  • Have an action in the docs repo that deletes all dirs with PR_CLOSED marker if it's over 7 days old.

I'm not sure how well that will work if that action happens to happen while another action is deploying to the docs. But I'm also not sure it'd be worse than with this PR as is; I'm not sure how this PR will do if the cleanup action on one PR is running at the same time as the deploy action acts on another PR.

It is something we can discover experimentally, though.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This might create a lot of empty dirs.

It actually deletes the dir entirely (I checked).

I'm not sure how well that will work if that action happens to happen while another action is deploying to the docs.

Good catch. In fact, GHA doesn't support a "workflow queue" at all — if you use concurrency:, it will only keep one pending job in the queue.

I will fix that by disabling force and single-commit and switching to per-PR concurrency groups.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Update: I will also delete the cleanup entirely b/c the extra complexity is not worth it

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(Thinking out loud) Would just adding the PR_CLOSED file (or something like that) be too complex as well? Then we could occasionally clean up manually.

Unless we nuke the repo history, garbage collection won't save much git storage, but it might save on the amount of traffic needed to deploy the website. OTOH, GitHub seems to take care of that, so maybe it's not a problem (or we could assume that they are smart about it and use rsync).

Ultimately, this is up to you.

@neongreen
Copy link
Contributor Author

I just spent several hours reading about GHA security and learned (among other things) that all workflows have access to repo secrets.

We can mitigate that by creating a "deployment environment", scoping it to the main branch, and moving the secret there.

@martinvonz
Copy link
Member

I just spent several hours reading about GHA security and learned (among other things) that all workflows have access to repo secrets.

Thank you! I've moved the private key to the new preview environment now (and removed it from the project's top level).

@neongreen neongreen closed this Nov 20, 2024
@neongreen neongreen deleted the push-ntpwlnsprolo branch November 20, 2024 05:49
@neongreen
Copy link
Contributor Author

GitHub closed this PR b/c I renamed the branch in my fork.

I’ll make a new PR after fixing a few papercuts in the new version.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants