Skip to content

chore: update GHA workflow and remove circleci [DX-242] #11

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Jul 15, 2025
Merged

chore: update GHA workflow and remove circleci [DX-242] #11

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
f5008bf
chore: update GHA workflow and remove circleci
chasepoirier Jul 15, 2025
a23fd1b
chore: update lock file
chasepoirier Jul 15, 2025
b45b331
chore: remove codeql job
chasepoirier Jul 15, 2025
78427bb
chore: add prettier as check
chasepoirier Jul 15, 2025
3525180
Merge branch 'main' into improve-ci-cd-setup
chasepoirier Jul 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 0 additions & 16 deletions .circleci/config.yml
View file
Open in desktop
Copy link
Contributor

@ethan-ozelius-contentful ethan-ozelius-contentful Jul 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was actually thinking about the whole github actions vs. circleCi discussion, and I 100% agree that tests/linting/building etc should be run in github actions so that external contributors can get insight into whether their builds are passing or not.

Releasing a new version feels like something that should be protected a little more, and in theory we should get that already with branch protections, but I wouldn't mind having an extra layer of security in that only contentful employees/automation bots that are authorized through circleCI can release code.

100% open to feedback and discussion, I'm still learning how all this works at Contentful, so I might be missing something.

Copy link
Collaborator Author

@chasepoirier chasepoirier Jul 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah definitely worth having a discussion about. Another option to consider that could solve the same problem would be an additional branch protection that only allows certain contentful employees (The DX team) to actually merge code into main. If we then only had releases tied to our main workflow, then essentially we're only allowing us to trigger releases.

This file was deleted.

9 changes: 0 additions & 9 deletions .contentful/vault-secrets.yaml
View file
Open in desktop
Copy link
Contributor

@whitelisab whitelisab Jul 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we need to keep this file vault-secrets.yaml and remove vault-secrets.yml instead

This file was deleted.

13 changes: 9 additions & 4 deletions .github/workflows/pr-build.yml → .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
name: PR Build Check
name: Build

on:
pull_request:
branches: [main]
workflow_call:

jobs:
build:
Expand All @@ -18,7 +17,13 @@ jobs:
cache: 'npm'

- name: Install dependencies
run: npm install
run: npm ci

- name: Run build
run: npm run build

- name: Save Build folders
uses: actions/cache/save@v4
with:
path: build/
key: build-cache-${{ github.run_id }}-${{ github.run_attempt }}
32 changes: 32 additions & 0 deletions .github/workflows/check.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
name: Run Checks

on:
workflow_call:

jobs:
lint:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v4

- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22'
cache: 'npm'

- name: Install dependencies
run: npm ci

- name: Restore the build folders
Copy link
Contributor

@ethan-ozelius-contentful ethan-ozelius-contentful Jul 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

question: Do we need to also build before caching?

Copy link
Collaborator Author

@chasepoirier chasepoirier Jul 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah that's taken care of in the build.yml file which runs before the check.yml and is a required pre-req in the main.yml

Copy link
Collaborator Author

@chasepoirier chasepoirier Jul 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This line here: https://github.com/contentful/contentful-mcp-server/pull/11/files/3525180966b4dc284503d237d7f276ee0b28a6e2#diff-7829468e86c1cc5d5133195b5cb48e1ff6c75e3e9203777f6b2e379d9e4882b3R13

uses: actions/cache/restore@v4
with:
path: build/
key: build-cache-${{ github.run_id }}-${{ github.run_attempt }}

- name: Run Prettier
run: npx pretty-quick --check

- name: Run linting
run: npm run lint
15 changes: 15 additions & 0 deletions .github/workflows/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
name: CI

on:
push:
branches: ['*']
pull_request:
branches: ['*']

jobs:
build:
uses: ./.github/workflows/build.yml

check:
needs: build
uses: ./.github/workflows/check.yml
Loading