Skip to content

Production readiness improvements #223

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
codeunia-dev merged 3 commits into from
Sep 6, 2025
Merged

Production readiness improvements #223

codeunia-dev merged 3 commits into from
Sep 6, 2025

Conversation

@codeunia-dev
Copy link
Owner

@codeunia-dev codeunia-dev commented Sep 6, 2025
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Chores
    • Streamlined automated Lighthouse checks in CI to a single autorun command with broader assertions across performance, accessibility, best practices, and SEO, reporting issues as warnings.
    • Removed several non-essential secrets from the CI environment while keeping required audit tokens.
    • Continued uploading Lighthouse results unchanged to preserve visibility into site quality over time.

Deepak Pandey added 2 commits September 6, 2025 19:37
fix: Simplify Lighthouse CI command to avoid YAML parsing issues
fef756d 
- Replace complex inline JSON config with simple CLI flags
- Use --assert.assertions.*=warn flags to change error level to warning
- This should resolve the workflow file parsing error
resolve: Fix merge conflict in CI workflow
1aed9f2 
- Keep simplified Lighthouse CI command with warn flags
- Include all necessary environment variables from remote branch
- Resolve conflict between local and remote changes
@vercel
Copy link

vercel bot commented Sep 6, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
codeunia Ready Ready Preview Comment Sep 6, 2025 2:17pm

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Sep 6, 2025
edited
Loading

Walkthrough

Replaced manual Lighthouse CI CLI invocation with lhci autorun (warn-level assertions) in two workflow steps, removed Next.js/Supabase secrets from the LHCI environment while keeping LHCI_GITHUB_APP_TOKEN and LHCI_TOKEN, and left the performance results upload step unchanged.

Changes

Cohort / File(s) Summary of changes
Lighthouse CI invocation (two occurrences)
.github/workflows/ci-cd.yml		 Replaced manual CLI commands with a single lhci autorun invocation that enforces broad assertion categories and specific metric assertions at warn level.
Environment variables for LHCI
.github/workflows/ci-cd.yml		 Removed Next.js/Supabase secrets (GITHUB_TOKEN, NEXT_PUBLIC_SUPABASE_URL, NEXT_PUBLIC_SUPABASE_ANON_KEY, SUPABASE_SERVICE_ROLE_KEY) from the LHCI step’s env; retained LHCI_GITHUB_APP_TOKEN and LHCI_TOKEN.
Results upload (unchanged)
.github/workflows/ci-cd.yml		 The step that uploads Lighthouse performance results remains as before.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Runner as GitHub Actions Runner
  participant CI as Workflow Job
  participant LHCI as Lighthouse CI (autorun)
  participant Preview as Preview App
  participant Store as Artifact Storage

  Runner->>CI: Trigger CI job
  Note over CI,LHCI: Modified steps: use `lhci autorun` with warn assertions
  CI->>LHCI: Invoke `lhci autorun` (env: `LHCI_GITHUB_APP_TOKEN`, `LHCI_TOKEN`)
  LHCI->>Preview: Request target URL(s) and run audits
  LHCI-->>CI: Return audit results & assertion statuses
  CI->>Store: Upload performance/results artifacts (unchanged)
Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

Poem

A rabbit nudged autorun, neat and spry,
Warnings whispering as audits fly.
Tokens kept, some secrets shed,
Results uploaded, metrics read.
Hop—CI hums beneath the sky. 🐇✨

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1aed9f2 and 3b0bda0.

📒 Files selected for processing (1)
  • .github/workflows/ci-cd.yml (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • .github/workflows/ci-cd.yml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Test Suite
✨ Finishing Touches
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch production-readiness-improvements

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Sep 6, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
.github/workflows/ci-cd.yml (1)

483-487: Fix malformed FULL_HEALTH_URL query string (missing '?').

Currently builds /api/health&x-vercel..., which is invalid and may break protected-route bypass.

Apply this diff:

-              FULL_HEALTH_URL="$DEPLOYMENT_URL/api/health&x-vercel-set-bypass-cookie=true&x-vercel-protection-bypass=${{ secrets.VERCEL_BYPASS_TOKEN }}"
+              FULL_HEALTH_URL="$DEPLOYMENT_URL/api/health?x-vercel-set-bypass-cookie=true&x-vercel-protection-bypass=${{ secrets.VERCEL_BYPASS_TOKEN }}"
🧹 Nitpick comments (2)
.github/workflows/ci-cd.yml (2)

593-593: Prefer config file over long CLI flags; ensure target URLs are defined.

The inline assertions are hard to maintain and easy to mistype. Move them into a .lighthouserc.json (or .js) and point autorun to it. Also make sure collect.url (or serverCommand/staticDistDir) is configured so lhci knows what to audit.

Apply this diff here:

-          lhci autorun --assert.assertions.categories:performance=warn --assert.assertions.categories:accessibility=warn --assert.assertions.categories:best-practices=warn --assert.assertions.categories:seo=warn --assert.assertions.first-contentful-paint=warn --assert.assertions.largest-contentful-paint=warn --assert.assertions.cumulative-layout-shift=warn --assert.assertions.total-blocking-time=warn --assert.assertions.speed-index=warn
+          lhci autorun --config=.lighthouserc.json

Example config to add at repo root (adjust URLs/thresholds as needed):

{
  "ci": {
    "collect": {
      "url": ["https://example.com/","https://example.com/page"],
      "numberOfRuns": 3
    },
    "assert": {
      "assertions": {
        "categories:performance": "warn",
        "categories:accessibility": "warn",
        "categories:best-practices": "warn",
        "categories:seo": "warn",
        "first-contentful-paint": "warn",
        "largest-contentful-paint": "warn",
        "cumulative-layout-shift": "warn",
        "total-blocking-time": "warn",
        "speed-index": "warn"
      }
    },
    "upload": { "target": "filesystem", "outputDir": ".lighthouseci" }
  }
}

592-593: Ensure Chrome is available for Lighthouse.

Ubuntu runners may lack a usable Chrome/Chromium. Add a step to install/setup Chrome to avoid flaky failures.

Example step to add before running lhci:

- name: Setup Chrome
  uses: browser-actions/setup-chrome@v1

To verify current availability, you can temporarily add:

google-chrome --version || chromium --version || echo "No Chrome found"
📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between dfc7e28 and 1aed9f2.

📒 Files selected for processing (1)
  • .github/workflows/ci-cd.yml (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Test Suite
🔇 Additional comments (1)
.github/workflows/ci-cd.yml (1)

592-593: Confirmed: @lhci/cli@0.12.x supports lhci autorun with --assert.assertions.* flags.

security: Remove unnecessary Supabase secrets from Lighthouse CI step
3b0bda0 
- Remove NEXT_PUBLIC_SUPABASE_URL, NEXT_PUBLIC_SUPABASE_ANON_KEY, and SUPABASE_SERVICE_ROLE_KEY
- These environment variables are not used by lhci command
- Follows principle of least privilege to prevent accidental exposure
- Service role key should never be present in client contexts
@codeunia-dev codeunia-dev merged commit 43d67eb into main Sep 6, 2025
7 checks passed
This was referenced Sep 6, 2025
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@codeunia-dev