ci: deployment workflow update

[cleot]

PR Type

Other

---

Description

• Replaced matrix-based deployment with separate jobs for each environment
• Added Node.js dependency caching for improved build performance
• Enhanced deployment strategy with preview, version, and production branches
• Updated action versions with commit SHA pinning for security

---

Changes walkthrough 📝

	Relevant files
Configuration changes	deploy-wildcat-docker.yml Remove old matrix-based deployment workflow                            .github/workflows/deploy-wildcat-docker.yml • Completely removed the existing matrix-based deployment workflow • Deleted all 95 lines of the original workflow configuration +0/-95
Enhancement	deploy.yml Add enhanced deployment workflow with caching                        .github/workflows/deploy.yml • Created new deployment workflow with separate jobs for each environment • Added Node.js dependency caching with actions/cache • Implemented three-tier deployment strategy (preview, version, production) • Pinned action versions with commit SHAs for security +224/-0

---

Need help?

Type /help how to ... in the comments thread for any questions about Qodo Merge usage.

Check out the documentation for more information.

[qodo-code-review]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Recommended focus areas for review Code Duplication The two deployment jobs contain nearly identical code with only environment variable differences. This creates maintenance overhead and potential for inconsistencies. Consider using a reusable workflow or job matrix to reduce duplication. deploy-wildcat-dev-docker: runs-on: ubuntu-latest permissions: contents: read deployments: write # set env name: Deploy to ${{ vars.CLOUDFLARE_PROJECT_DEV_DOCKER }} if: | github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && github.event.inputs.environment == 'wildcat-dev-docker') env: PROJECT_NAME: ${{ vars.CLOUDFLARE_PROJECT_DEV_DOCKER }} VITE_API_BASE_URL: ${{ vars.VITE_API_BASE_URL_DEV_DOCKER }} VITE_KEYCLOAK_URL: ${{ vars.VITE_KEYCLOAK_URL_DEV_DOCKER }} VITE_KEYCLOAK_REALM: ${{ vars.VITE_KEYCLOAK_REALM_DEV_DOCKER || 'dev' }} VITE_KEYCLOAK_CLIENT_ID: ${{ vars.VITE_KEYCLOAK_CLIENT_ID_DEV_DOCKER || 'bff-dashboard' }} VITE_API_MOCKING_ENABLED: 'false' # checkout, validate on dispatch, setup and build, deploy steps: - name: Checkout ${{ github.ref_name }} uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.ref }} fetch-depth: 0 - name: Validate tag on manual dispatch if: github.event_name == 'workflow_dispatch' run: | if [[ "${{ github.ref_type }}" != 'tag' ]]; then echo "::error::Manual deployments must be triggered from a tag." echo "::error::Please select a tag from the 'Use workflow from' dropdown, not a branch." exit 1 fi echo "Validation successful: Running from tag '${{ github.ref_name }}'." - name: Setup Node uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 with: node-version: ${{ env.NODE_VERSION}} - name: Cache node modules id: cache-npm uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 env: cache-name: cache-node-modules with: path: ~/.npm key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-build-${{ env.cache-name }}- ${{ runner.os }}-build- ${{ runner.os }}- - name: List the state of node modules if: ${{ steps.cache-npm.outputs.cache-hit != 'true' }} continue-on-error: true run: npm list - name: Install dependencies run: npm ci - name: Build app run: npm run build # PREVIEW branch - name: Deploy ${{ github.ref_name }} to PREVIEW branch of ${{ env.PROJECT_NAME }} project if: github.event_name == 'push' uses: cloudflare/wrangler-action@da0e0dfe58b7a431659754fdf3f186c529afbe65 # v3.14.1 with: apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} command: pages deploy dist --project-name=${{ env.PROJECT_NAME }} --branch=preview # VERSION branch - name: Deploy ${{ github.ref_name }} to VERSION branch ${{ github.ref_name }} of ${{ env.PROJECT_NAME }} project if: github.event_name == 'push' uses: cloudflare/wrangler-action@da0e0dfe58b7a431659754fdf3f186c529afbe65 # v3.14.1 with: apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} command: pages deploy dist --project-name=${{ env.PROJECT_NAME }} --branch=${{ github.ref_name }} # PRODUCTION branch - name: Deploy ${{ github.ref_name }} to PRODUCTION of ${{ env.PROJECT_NAME }} project if: github.event_name == 'workflow_dispatch' uses: cloudflare/wrangler-action@da0e0dfe58b7a431659754fdf3f186c529afbe65 # v3.14.1 with: apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} command: pages deploy dist --project-name=${{ env.PROJECT_NAME }} ###################################################################### # ENV: wildcat-docker # CF project: wildcat-docker ###################################################################### deploy-wildcat-docker: runs-on: ubuntu-latest permissions: contents: read deployments: write # set env name: Deploy to ${{ vars.CLOUDFLARE_PROJECT_DOCKER }} if: | github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && github.event.inputs.environment == 'wildcat-docker') env: PROJECT_NAME: ${{ vars.CLOUDFLARE_PROJECT_DOCKER }} VITE_API_BASE_URL: ${{ vars.VITE_API_BASE_URL_DOCKER }} VITE_KEYCLOAK_URL: ${{ vars.VITE_KEYCLOAK_URL_DOCKER }} VITE_KEYCLOAK_REALM: ${{ vars.VITE_KEYCLOAK_REALM_DOCKER || 'dev' }} VITE_KEYCLOAK_CLIENT_ID: ${{ vars.VITE_KEYCLOAK_CLIENT_ID_DOCKER || 'bff-dashboard' }} VITE_API_MOCKING_ENABLED: 'false' # checkout, validate on dispatch, setup and build, deploy steps: - name: Checkout ${{ github.ref_name }} uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.ref }} fetch-depth: 0 - name: Validate tag on manual dispatch if: github.event_name == 'workflow_dispatch' run: | if [[ "${{ github.ref_type }}" != 'tag' ]]; then echo "::error::Manual deployments must be triggered from a tag." echo "::error::Please select a tag from the 'Use workflow from' dropdown, not a branch." exit 1 fi echo "Validation successful: Running from tag '${{ github.ref_name }}'." - name: Setup Node uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 with: node-version: ${{ env.NODE_VERSION}} - name: Cache node modules id: cache-npm uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 env: cache-name: cache-node-modules with: path: ~/.npm key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-build-${{ env.cache-name }}- ${{ runner.os }}-build- ${{ runner.os }}- - name: List the state of node modules if: ${{ steps.cache-npm.outputs.cache-hit != 'true' }} continue-on-error: true run: npm list - name: Install dependencies run: npm ci - name: Build app run: npm run build # PREVIEW branch - name: Deploy ${{ github.ref_name }} to PREVIEW branch of ${{ env.PROJECT_NAME }} project if: github.event_name == 'push' uses: cloudflare/wrangler-action@da0e0dfe58b7a431659754fdf3f186c529afbe65 # v3.14.1 with: apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} command: pages deploy dist --project-name=${{ env.PROJECT_NAME }} --branch=preview # VERSION branch - name: Deploy ${{ github.ref_name }} to VERSION branch ${{ github.ref_name }} of ${{ env.PROJECT_NAME }} project if: github.event_name == 'push' uses: cloudflare/wrangler-action@da0e0dfe58b7a431659754fdf3f186c529afbe65 # v3.14.1 with: apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} command: pages deploy dist --project-name=${{ env.PROJECT_NAME }} --branch=${{ github.ref_name }} # PRODUCTION branch - name: Deploy ${{ github.ref_name }} to PRODUCTION of ${{ env.PROJECT_NAME }} project if: github.event_name == 'workflow_dispatch' uses: cloudflare/wrangler-action@da0e0dfe58b7a431659754fdf3f186c529afbe65 # v3.14.1 with: apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} command: pages deploy dist --project-name=${{ env.PROJECT_NAME }} Logic Issue Both jobs run on push events regardless of the workflow_dispatch environment selection, which could lead to unintended deployments to both environments when only one is selected manually. if: | github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && github.event.inputs.environment == 'wildcat-dev-docker')

[Copilot]

Pull Request Overview

This PR consolidates deployment workflows into a single standardized pipeline and removes the old matrix-based deploy file.

• Introduces .github/workflows/deploy.yml with two jobs for wildcat-dev-docker and wildcat-docker, covering preview, version (tag), and production deployments.
• Removes the legacy .github/workflows/deploy-wildcat-docker.yml.
• Centralizes environment variable setup and deployment steps for Cloudflare Pages.

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File	Description
.github/workflows/deploy.yml	New unified workflow with separate jobs for each target.
.github/workflows/deploy-wildcat-docker.yml	Deleted legacy matrix-based deployment workflow.

Comments suppressed due to low confidence (3)

.github/workflows/deploy.yml:38

• [nitpick] There are two spaces between 'to' and the project variable, resulting in inconsistent formatting in the job name. Consider removing the extra space.

    name: Deploy to  ${{ vars.CLOUDFLARE_PROJECT_DEV_DOCKER }}

.github/workflows/deploy.yml:47

• There is trailing whitespace inside the expression before the closing braces. Removing it will keep the syntax clean.

      VITE_KEYCLOAK_URL:        ${{ vars.VITE_KEYCLOAK_URL_DEV_DOCKER  }}

.github/workflows/deploy.yml:55

• [nitpick] Pinning to a commit SHA can make updates harder to track. Consider using the version tag (e.g., actions/checkout@v4) for clarity and maintainability.

        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

[qodo-code-review]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
General	✅ Fix template expression spacing Suggestion Impact: The suggestion was directly implemented - the missing space in `${{ env.NODE_VERSION}}` was fixed to `${{ env.NODE_VERSION }}` in two locations (lines 31 and 65) code diff: - node-version: ${{ env.NODE_VERSION}} + node-version: ${{ env.NODE_VERSION }} - name: Cache node modules id: cache-npm @@ -135,18 +135,18 @@ deployments: write # set env - name: Deploy to ${{ vars.CLOUDFLARE_PROJECT_DOCKER }} + name: Deploy to ${{ vars.CLOUDFLARE_PROJECT_DOCKER }} if: | github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && github.event.inputs.environment == 'wildcat-docker') env: - PROJECT_NAME: ${{ vars.CLOUDFLARE_PROJECT_DOCKER }} - VITE_API_BASE_URL: ${{ vars.VITE_API_BASE_URL_DOCKER }} - VITE_KEYCLOAK_URL: ${{ vars.VITE_KEYCLOAK_URL_DOCKER }} - VITE_KEYCLOAK_REALM: ${{ vars.VITE_KEYCLOAK_REALM_DOCKER || 'dev' }} - VITE_KEYCLOAK_CLIENT_ID: ${{ vars.VITE_KEYCLOAK_CLIENT_ID_DOCKER || 'bff-dashboard' }} + PROJECT_NAME: ${{ vars.CLOUDFLARE_PROJECT_DOCKER }} + VITE_API_BASE_URL: ${{ vars.VITE_API_BASE_URL_DOCKER }} + VITE_KEYCLOAK_URL: ${{ vars.VITE_KEYCLOAK_URL_DOCKER }} + VITE_KEYCLOAK_REALM: ${{ vars.VITE_KEYCLOAK_REALM_DOCKER || 'dev' }} + VITE_KEYCLOAK_CLIENT_ID: ${{ vars.VITE_KEYCLOAK_CLIENT_ID_DOCKER || 'bff-dashboard' }} VITE_API_MOCKING_ENABLED: 'false' # checkout, validate on dispatch, setup and build, deploy @@ -170,7 +170,7 @@ - name: Setup Node uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 with: - node-version: ${{ env.NODE_VERSION}} + node-version: ${{ env.NODE_VERSION }} There's a missing space in the template expression. The variable reference should have proper spacing to avoid potential parsing issues. .github/workflows/deploy.yml [73] -node-version: ${{ env.NODE_VERSION}} +node-version: ${{ env.NODE_VERSION }} [Suggestion processed] Suggestion importance[1-10]: 2 __ Why: The suggestion correctly points out inconsistent spacing in a GitHub Actions expression. While {{ env.NODE_VERSION}} is valid, {{ env.NODE_VERSION }} is more conventional and readable. This is a minor stylistic improvement with no functional impact.	Low
Update

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

📢 Thoughts on this report? Let us know!

[cloudflare-workers-and-pages]

Deploying wildcat-dashboard with    Cloudflare Pages

Latest commit:	31b8713
Status:	✅  Deploy successful!
Preview URL:	https://1a0c9f16.wildcat-dashboard.pages.dev
Branch Preview URL:	https://cleot-change-deployment-work.wildcat-dashboard.pages.dev

View logs