ci: fix deploy-obs-tiny-engine to build and deploy

[xuanlid]

Summary by CodeRabbit

• Chores
  • Updated build and deployment workflows to use HTTPS for repository access
  • Enhanced build process with automatic documentation timestamp collection
  • Improved deployment artifact path handling and synchronization
  • Optimized build base path configuration to use environment variables

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

This PR modifies the build and deployment pipeline by switching the Git submodule URL from SSH to HTTPS, adding a pre-build documentation timing step, updating artifact paths to the lowcode-portal package structure, introducing Git submodule synchronization in CI, and making the static path configuration environment-driven.

Changes

Cohort / File(s)	Summary
CI/CD Workflow .github/workflows/deploy-obs-tiny-engine.yml	Replaces pnpm i with pnpm install --ignore-scripts; adds Git submodule sync, update, and status steps; removes 404.html copy operation; updates all artifact paths from dist/ to packages/lowcode-portal/dist/; adjusts OBS upload path handling for versioned directories.
Submodule Configuration .gitmodules	Changes tiny-engine submodule URL from SSH (git@github.com:opentiny/tiny-engine.git) to HTTPS (https://github.com/opentiny/tiny-engine.git).
Package Build Configuration packages/lowcode-portal/package.json, packages/lowcode-portal/vite.config.js	Prepends npm run obtainDocTime && to build:open script; replaces hardcoded config.base = '/' with environment variable config.base = VITE_APP_STATIC_PATH.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 Submodules sync with HTTPS grace,
Paths now flow through a cleaner space,
Docs time gathered ere the build,
Config whispers what was willed!

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'ci: fix deploy-obs-tiny-engine to build and deploy' accurately describes the main changes, which involve fixing the CI/CD deployment workflow for the tiny-engine project with updates to build and deployment steps.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch lx/fix-deploy-obs

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 55e9037 and c53e607.

📒 Files selected for processing (4)

• .github/workflows/deploy-obs-tiny-engine.yml
• .gitmodules
• packages/lowcode-portal/package.json
• packages/lowcode-portal/vite.config.js

🔇 Additional comments (6)

.gitmodules (1)

3-3: LGTM! HTTPS submodule URL is appropriate for CI/CD.

Switching from SSH to HTTPS is the correct approach for GitHub Actions workflows, as it avoids SSH key configuration requirements and works seamlessly with public repositories.

packages/lowcode-portal/package.json (1)

10-10: LGTM! Consistent pre-build documentation timing.

Adding obtainDocTime before the build is consistent with the dev script pattern and ensures documentation timestamps are generated before the build process, which is particularly important now that the workflow includes submodule synchronization.

.github/workflows/deploy-obs-tiny-engine.yml (4)

43-43: LGTM! Using --ignore-scripts improves CI security.

The --ignore-scripts flag is a security best practice for CI environments, preventing potentially malicious or unintended lifecycle scripts from executing during dependency installation.

---

44-53: Verify submodule update strategy with --remote flag.

The git submodule update --remote --merge --recursive command updates submodules to their remote branch's latest commit, rather than the commit pinned in this repository. This means builds could break unexpectedly if the tiny-engine submodule introduces breaking changes.

Consider whether you want to:

• Option 1 (current): Always use the latest submodule commit for builds (more dynamic, higher risk)
• Option 2 (pinned): Remove the --remote flag to use the pinned commit in this repo (more stable, requires manual submodule updates)

If Option 1 is intentional for always deploying the latest documentation/features, ensure the tiny-engine submodule has stable release practices.

---

74-74: LGTM! Artifact paths consistently updated.

The artifact paths have been correctly updated throughout the workflow:

• Upload (line 74): packages/lowcode-portal/dist/
• Download (line 84): packages/lowcode-portal/dist/
• Deployment (line 106): packages/lowcode-portal/dist

This properly reflects the monorepo structure and ensures artifacts are uploaded and downloaded from the correct location.

Also applies to: 84-84, 106-106

---

1-107: Verify that 404.html handling is no longer needed.

The workflow previously included a step to copy index.html to 404.html. This step has been removed. Please confirm that:

• 404 error handling is configured at the OBS bucket level, or
• The deployment model no longer requires a client-side 404 fallback, or
• The application handles 404s through a different mechanism

If this was removed unintentionally, you may need to add it back after the artifact download step.