Merge branch 'master' into 20250613_AI_ensure_poweres_of_two

nerdCopter · nerdCopter · commit 77694cadd8ef · 2025-05-16T11:25:04.000-05:00
diff --git a/.coderabbit.yaml b/.coderabbit.yaml
@@ -0,0 +1,15 @@
+# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json
+language: "en-US"
+early_access: false
+reviews:
+  profile: "chill"
+  request_changes_workflow: true
+  high_level_summary: true
+  poem: false
+  review_status: true
+  collapse_walkthrough: false
+  auto_review:
+    enabled: true
+    drafts: false
+chat:
+  auto_reply: true
diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml
@@ -1,21 +1,20 @@
 name: 'Preview Deployment'
 on:
   pull_request_target:
+    types: [opened, synchronize, reopened]
     branches:
       - master
 
 jobs:
-  deploy:
-    permissions:
-      actions: read
-      contents: read
-      deployments: write
-      pull-requests: write
+  # Job 1: Build the code (no secrets here)
+  build:
     runs-on: ubuntu-latest
-    timeout-minutes: 5
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+          persist-credentials: false  # Don't persist GitHub token
 
       - name: Cache node_modules
         uses: actions/cache@v4
@@ -32,19 +31,49 @@ jobs:
       - run: yarn install
       - run: yarn build
 
+      - name: Upload build artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist-files
+          path: dist
+
+  # Job 2: Deploy with secrets (no PR code checkout)
+  deploy:
+    needs: build  # Wait for build job to complete
+    permissions:
+      actions: read
+      contents: read
+      deployments: write
+      issues: write
+      pull-requests: write
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    steps:
+      - name: Download build artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: dist-files
+          path: dist
+
+      - name: Set short git commit SHA
+        id: vars
+        run: |
+          calculatedSha=$(echo ${{ github.event.pull_request.head.sha }} | head -c 8)
+          echo "COMMIT_SHORT_SHA=$calculatedSha" >> $GITHUB_ENV
+    
       - name: Deploy to Cloudflare
         id: deploy
         uses: cloudflare/wrangler-action@v3
         with:
           apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
           accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
-          command: pages deploy dist --project-name=${{ vars.CLOUDFLARE_PROJECT_NAME }} --branch ${{ github.head_ref }} --commit-dirty=true
+          command: pages deploy dist --project-name=${{ vars.CLOUDFLARE_PROJECT_NAME }} --branch=${{ env.COMMIT_SHORT_SHA }} --commit-dirty=true
 
       - name: Add deployment comment
         uses: thollander/actions-comment-pull-request@v3
         with:
           message: |
-             Preview URL: ${{ steps.deploy.outputs.deployment-url }}
+             Preview URL: ${{ steps.deploy.outputs.pages-deployment-alias-url }}
           reactions: eyes, rocket
           comment-tag: 'Preview URL'
           mode: recreate
