From c96fb4ce524e8d1d607c26594bf68d58297ec527 Mon Sep 17 00:00:00 2001 From: hshah-mitre Date: Tue, 28 Oct 2025 15:00:15 -0400 Subject: [PATCH 1/6] Enhance GitHub Actions workflow with auto-assign Updated GitHub Actions workflow to include auto-assign functionality and improved deployment steps for test and production environments. --- .github/workflows/gh-pages.yml | 169 ++++++++++++++++++++++++++++++--- 1 file changed, 157 insertions(+), 12 deletions(-) diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml index 47e9426..cad7bd6 100644 --- a/.github/workflows/gh-pages.yml +++ b/.github/workflows/gh-pages.yml 
@@ -4,11 +4,79 @@ on: push: branches: - main - - '**' + - "*" + + pull_request: + types: [opened, ready_for_review, synchronize] + +permissions: + contents: read + pull-requests: write + id-token: write + jobs: - build: + auto_assign: runs-on: ubuntu-latest + if: github.event_name == 'pull_request' + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: arn:aws:iam::677043464939:role/GitHubAction-AssumeRoleWithAction + role-session-name: GitHub_to_AWS_via_FederatedOIDC + aws-region: ${{ secrets.AWS_REGION }} + + - name: STS GetCallerIdentity + run: aws sts get-caller-identity + + - name: Print repo structure + run: | + pwd + ls -al + ls -al .github || echo ".github directory does not exist" + cat .github/auto_assign.yml || echo "No .github/auto_assign.yml found" + + - name: Print working directory and files + run: | + pwd + ls -al .github + cat .github/auto_assign.yml || echo "No auto_assign.yml found" + + - name: Assign assignee via GitHub API + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + curl -X POST \ + -H "Authorization: token $GITHUB_TOKEN" \ + -H "Accept: application/vnd.github+json" \ + https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/assignees \ + -d "{\"assignees\":[\"${{ github.actor }}\"]}" + PR_NUMBER=${{ github.event.pull_request.number }} + COMMENT="Preview your changes at: http://${{ secrets.S3_BUCKET_NAME }}/mergeRequest/${PR_NUMBER}/index.html" + curl -X POST \ + -H "Authorization: token $GITHUB_TOKEN" \ + -H "Accept: application/vnd.github+json" \ + -d "{\"body\": \"$COMMENT\"}" \ + https://api.github.com/repos/${{ github.repository }}/issues/${PR_NUMBER}/comments + + - name: Assign team reviewer via GitHub API + env: + ORG_PAT: ${{ secrets.ORG_PAT }} + run: | + curl -X POST \ + -H "Authorization: token $ORG_PAT" \ + -H "Accept: application/vnd.github+json" \ + -H 
"Content-Type: application/json" \ + -d '{"team_reviewers":["ai4sdlc-reviewers"]}' \ + https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/requested_reviewers + + convert_md_to_html: + runs-on: ubuntu-latest + if: github.ref != 'refs/heads/main' steps: - name: Checkout code uses: actions/checkout@v4 
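Review bot: The new top-level `permissions` block grants `id-token: write` and `pull-requests: write` to every job, including `convert_md_to_html`, which only builds branch content and needs neither. I would keep `contents: read` at the top level and set `id-token: write` on the deploy jobs and `pull-requests: write` on `auto_assign` alone. `auto_assign` also assumes the AWS role although its non-debug steps only call the GitHub API, so the "Configure AWS credentials" step can be dropped from that job. In "Assign assignee via GitHub API", `${{ github.actor }}` and `${{ secrets.S3_BUCKET_NAME }}` are expanded into the script text before the shell runs; passing them through `env:` (as is already done for `GITHUB_TOKEN`) and referencing them as quoted shell variables keeps the values out of the script source. The `convert_md_to_html` job continues past the end of this hunk.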
@@ -18,19 +86,96 @@ jobs: with: python-version: '3.12' - - name: Install dependencies + - name: Install MkDocs and dependencies run: | pip install mkdocs mkdocs-material - - name: Build MkDocs site - run: mkdocs build + - name: Build project with MkDocs + run: | + echo "Building your project..." + mkdocs build + echo "pwd in build project with MkDocs" + pwd + + - name: Debug MkDocs Build Output + run: | + echo "Contents of site directory:" + ls -l site + + - name: Save artifacts + uses: actions/upload-artifact@v4 + with: + name: site + path: site + + deploy_to_test: + needs: convert_md_to_html + runs-on: ubuntu-latest + if: github.event_name == 'pull_request' && github.ref != 'refs/heads/main' + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Download artifacts + uses: actions/download-artifact@v4 + with: + name: site + path: site - - name: Add .nojekyll - run: touch site/.nojekyll + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: arn:aws:iam::677043464939:role/GitHubAction-AssumeRoleWithAction + role-session-name: GitHub_to_AWS_via_FederatedOIDC + aws-region: ${{ secrets.AWS_REGION }} - - name: Deploy to GitHub Pages - if: github.ref == 'refs/heads/main' - uses: peaceiris/actions-gh-pages@v4 + - name: Deploy to Test Environment + env: + S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME }} + PR_NUMBER: ${{ github.event.pull_request.number }} + run: | + echo "pr_number while deploying =$PR_NUMBER" + pwd + aws s3 ls + aws s3 sync site/ s3://$S3_BUCKET_NAME/test + aws s3 sync site/ s3://$S3_BUCKET_NAME/mergeRequest/$PR_NUMBER + + deploy_to_production: + runs-on: ubuntu-latest + if: github.ref == 'refs/heads/main' + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 with: - github_token: ${{ secrets.GITHUB_TOKEN }} - publish_dir: ./site + role-to-assume: arn:aws:iam::677043464939:role/GitHubAction-AssumeRoleWithAction + role-session-name: 
GitHub_to_AWS_via_FederatedOIDC + aws-region: ${{ secrets.AWS_REGION }} + + - name: Get PR number from GitHub API + id: pr + run: | + echo "Before pr_number=$PR_NUMBER" + PR_API_URL="https://api.github.com/repos/${GITHUB_REPOSITORY}/commits/${GITHUB_SHA}/pulls" + PR_NUMBER=$(curl -s -H "Accept: application/vnd.github.groot-preview+json" \ + -H "Authorization: Bearer $GITHUB_TOKEN" \ + $PR_API_URL | jq '.[0].number') + echo "after pr_number=$PR_NUMBER" + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Deploy to Production Environment + env: + S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + echo "inside pr_number=$PR_NUMBER" + echo "Before pr_number=$PR_NUMBER" + PR_API_URL="https://api.github.com/repos/${GITHUB_REPOSITORY}/commits/${GITHUB_SHA}/pulls" + PR_NUMBER=$(curl -s -H "Accept: application/vnd.github.groot-preview+json" \ + -H "Authorization: Bearer $GITHUB_TOKEN" \ + $PR_API_URL | jq '.[0].number') + echo "after pr_number=$PR_NUMBER" + aws s3 sync s3://$S3_BUCKET_NAME/mergeRequest/$PR_NUMBER s3://$S3_BUCKET_NAME/production/ + echo "deploy complete to production !!!" + aws s3 rm s3://$S3_BUCKET_NAME/mergeRequest/$PR_NUMBER --recursive + echo "PR folder deleted successfully !!!" From f1e52b16b8de0c52ae0097457308a9cf68703bfd Mon Sep 17 00:00:00 2001 From: hshah-mitre Date: Tue, 28 Oct 2025 15:24:32 -0400 Subject: [PATCH 2/6] Update gh-pages.yml --- .github/workflows/gh-pages.yml | 32 +++----------------------------- 1 file changed, 3 insertions(+), 29 deletions(-) diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml index cad7bd6..a33464b 100644 --- a/.github/workflows/gh-pages.yml +++ b/.github/workflows/gh-pages.yml 
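Review bot: In `deploy_to_production` the value from `jq '.[0].number'` goes unchecked into `aws s3 sync` and `aws s3 rm ... --recursive`. A push to main with no associated pull request yields `null`, and a failed or empty API response yields an empty string, in which case the delete target becomes the whole `mergeRequest/` prefix. I would fail the step right after the assignment with `[[ "$PR_NUMBER" =~ ^[0-9]+$ ]] || { echo "no PR found for $GITHUB_SHA" >&2; exit 1; }` and quote the S3 URIs. The separate "Get PR number from GitHub API" step only sets a shell variable, which does not carry over to the next step, so it can be removed or changed to write to `$GITHUB_OUTPUT`. Production is also copied from the preview prefix rather than built from the merged commit, so what goes live is whatever was last synced there; building from main in this job would tie the published site to the reviewed tree.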
@@ -29,22 +29,6 @@ jobs: role-session-name: GitHub_to_AWS_via_FederatedOIDC aws-region: ${{ secrets.AWS_REGION }} - - name: STS GetCallerIdentity - run: aws sts get-caller-identity - - - name: Print repo structure - run: | - pwd - ls -al - ls -al .github || echo ".github directory does not exist" - cat .github/auto_assign.yml || echo "No .github/auto_assign.yml found" - - - name: Print working directory and files - run: | - pwd - ls -al .github - cat .github/auto_assign.yml || echo "No auto_assign.yml found" - - name: Assign assignee via GitHub API env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -97,11 +81,6 @@ jobs: echo "pwd in build project with MkDocs" pwd - - name: Debug MkDocs Build Output - run: | - echo "Contents of site directory:" - ls -l site - - name: Save artifacts uses: actions/upload-artifact@v4 with: @@ -134,9 +113,7 @@ jobs: S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME }} PR_NUMBER: ${{ github.event.pull_request.number }} run: | - echo "pr_number while deploying =$PR_NUMBER" - pwd - aws s3 ls + echo "deploying to test and mergeRequest buckets for pr_number =$PR_NUMBER" aws s3 sync site/ s3://$S3_BUCKET_NAME/test aws s3 sync site/ s3://$S3_BUCKET_NAME/mergeRequest/$PR_NUMBER @@ -154,12 +131,10 @@ jobs: - name: Get PR number from GitHub API id: pr run: | - echo "Before pr_number=$PR_NUMBER" PR_API_URL="https://api.github.com/repos/${GITHUB_REPOSITORY}/commits/${GITHUB_SHA}/pulls" PR_NUMBER=$(curl -s -H "Accept: application/vnd.github.groot-preview+json" \ -H "Authorization: Bearer $GITHUB_TOKEN" \ $PR_API_URL | jq '.[0].number') - echo "after pr_number=$PR_NUMBER" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 
@@ -168,14 +143,13 @@ jobs: S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - echo "inside pr_number=$PR_NUMBER" - echo "Before pr_number=$PR_NUMBER" PR_API_URL="https://api.github.com/repos/${GITHUB_REPOSITORY}/commits/${GITHUB_SHA}/pulls" PR_NUMBER=$(curl -s -H "Accept: application/vnd.github.groot-preview+json" \ -H "Authorization: Bearer $GITHUB_TOKEN" \ $PR_API_URL | jq '.[0].number') - echo "after pr_number=$PR_NUMBER" + echo "deploying to production !!!" aws s3 sync s3://$S3_BUCKET_NAME/mergeRequest/$PR_NUMBER s3://$S3_BUCKET_NAME/production/ echo "deploy complete to production !!!" + echo "Deleting PR folder !!!" aws s3 rm s3://$S3_BUCKET_NAME/mergeRequest/$PR_NUMBER --recursive echo "PR folder deleted successfully !!!" From 27d9fd11a909230aa7b8746d7380f77fff39d0a3 Mon Sep 17 00:00:00 2001 From: hshah-mitre Date: Fri, 14 Nov 2025 10:30:28 -0500 Subject: [PATCH 3/6] Update GitHub Actions workflow for gh-pages --- .github/workflows/gh-pages.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml index a33464b..191cc04 100644 --- a/.github/workflows/gh-pages.yml +++ b/.github/workflows/gh-pages.yml @@ -4,7 +4,7 @@ on: push: branches: - main - - "*" + - "**" pull_request: types: [opened, ready_for_review, synchronize] @@ -70,7 +70,7 @@ jobs: with: python-version: '3.12' - - name: Install MkDocs and dependencies + - name: Install dependencies run: | pip install mkdocs mkdocs-material @@ -80,7 +80,8 @@ jobs: mkdocs build echo "pwd in build project with MkDocs" pwd - + - name: Add .nojekyll + run: touch site/.nojekyll - name: Save artifacts uses: actions/upload-artifact@v4 with: From 596f79aa16901f2a00025f42ac4d9decd36559ee Mon Sep 17 00:00:00 2001 
From: hshah-mitre Date: Fri, 14 Nov 2025 10:57:01 -0500 Subject: [PATCH 4/6] Fix quotes in gh-pages.yml workflow file --- .github/workflows/gh-pages.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml index 191cc04..e433da9 100644 --- a/.github/workflows/gh-pages.yml +++ b/.github/workflows/gh-pages.yml @@ -4,7 +4,7 @@ on: push: branches: - main - - "**" + - '**' pull_request: types: [opened, ready_for_review, synchronize] @@ -81,7 +81,7 @@ jobs: echo "pwd in build project with MkDocs" pwd - name: Add .nojekyll - run: touch site/.nojekyll + run: touch site/.nojekyll - name: Save artifacts uses: actions/upload-artifact@v4 with: From a7ec03b6d27240d100d45e2219b9ace0e1c2302e Mon Sep 17 00:00:00 2001 From: hshah-mitre Date: Fri, 14 Nov 2025 11:00:40 -0500 Subject: [PATCH 5/6] Fix YAML syntax for gh-pages workflow --- .github/workflows/gh-pages.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml index e433da9..e985745 100644 --- a/.github/workflows/gh-pages.yml +++ b/.github/workflows/gh-pages.yml @@ -4,7 +4,7 @@ on: push: branches: - main - - '**' + - '**' pull_request: types: [opened, ready_for_review, synchronize] From 843c3114acd6a77a1892af941e18cdf2bbd5859b Mon Sep 17 00:00:00 2001 From: hshah-mitre Date: Fri, 14 Nov 2025 11:02:50 -0500 Subject: [PATCH 6/6] Rename job from auto_assign to build --- .github/workflows/gh-pages.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml index e985745..f70e497 100644 --- a/.github/workflows/gh-pages.yml +++ b/.github/workflows/gh-pages.yml @@ -15,7 +15,7 @@ permissions: id-token: write jobs: - auto_assign: + build: runs-on: ubuntu-latest if: github.event_name == 'pull_request' steps: