diff --git a/.github/workflows/update-wiki.yml b/.github/workflows/update-wiki.yml index a6bdda6..f7c1b86 100644 --- a/.github/workflows/update-wiki.yml +++ b/.github/workflows/update-wiki.yml @@ -5,21 +5,12 @@ on: branches: - main paths: - - 'docs/**' - pull_request: - types: [closed] - paths: - - 'docs/**' - # Allow manual runs for diagnostics and one-off pushes - workflow_dispatch: {} + - docs/** -permissions: - contents: write + workflow_dispatch: {} jobs: update-wiki: - # Only run for push events, or for pull_request closed events where the PR was merged. - if: ${{ github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.merged == true) }} runs-on: ubuntu-latest steps: - name: Debug: print event info @@ -49,18 +40,26 @@ jobs: with: fetch-depth: 0 + - name: Echo docs trigger + run: echo "Update Wiki workflow triggered for docs changes" + + - name: Fail early if DEPLOY_WIKI_TOKEN is missing + env: + DEPLOY_WIKI_TOKEN: ${{ secrets.DEPLOY_WIKI_TOKEN }} + run: | + if [ -z "$DEPLOY_WIKI_TOKEN" ]; then + echo "WARNING: DEPLOY_WIKI_TOKEN is not set; the workflow will not be able to push to the wiki." + echo "Set the DEPLOY_WIKI_TOKEN secret or provide GITHUB_TOKEN permissions." + exit 1 + fi + - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: '18' - - name: Install dependencies (if any) - run: | - if [ -f package.json ]; then npm ci; fi - - name: Run wiki init and push env: - # Use a deploy PAT stored in repository secrets (create secret DEPLOY_WIKI_TOKEN) GITHUB_TOKEN: ${{ secrets.DEPLOY_WIKI_TOKEN }} run: | - node scripts/init-wiki.js --docs docs/wiki + node scripts/init-wiki.js --docs docs diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/package.json b/package.json new file mode 100644 index 0000000..2ec2290 --- /dev/null +++ b/package.json @@ -0,0 +1,10 @@ +{ + "name": "coderoot-ai", + "version": "0.0.0", + "description": "CodeRoot.ai repository", + "type": "module", + "license": "SEE LICENSE IN LICENSE.md", + "scripts": { + "init-wiki:dry": "node scripts/init-wiki.js --dry-run" + } +} diff --git a/scripts/init-wiki.js b/scripts/init-wiki.js index c3c250f..a057509 100644 --- a/scripts/init-wiki.js +++ b/scripts/init-wiki.js @@ -81,6 +81,21 @@ async function main() { console.log('Remote:', opts.remote); if (opts.dryRun) console.log('Dry run: no git clone/commit/push will be executed'); + const isCI = process.env.GITHUB_ACTIONS === 'true' || process.env.CI === 'true'; + + // If running in CI, ensure we have a token to authenticate pushes. Prefer DEPLOY_WIKI_TOKEN but fall back to GITHUB_TOKEN. + if (isCI && !opts.dryRun) { + if (!process.env.DEPLOY_WIKI_TOKEN && !process.env.GITHUB_TOKEN) { + console.error('ERROR: No authentication token available in CI.'); + console.error('Set repository secret DEPLOY_WIKI_TOKEN (a PAT with Contents: write) or ensure GITHUB_TOKEN is available.'); + process.exit(20); + } + // If DEPLOY_WIKI_TOKEN is provided, prefer it by setting GITHUB_TOKEN for downstream code that reads it. + if (process.env.DEPLOY_WIKI_TOKEN) { + process.env.GITHUB_TOKEN = process.env.DEPLOY_WIKI_TOKEN; + } + } + if (!fs.existsSync(docsDir)) { console.error('Docs wiki folder not found at', docsDir); process.exitCode = 2; @@ -105,7 +120,6 @@ async function main() { } // If running in CI with a GITHUB_TOKEN available, inject it into an https wiki URL so git can authenticate. - const isCI = process.env.GITHUB_ACTIONS === 'true' || process.env.CI === 'true'; let maskedWikiUrl = wikiUrl; if (wikiUrl && isCI && process.env.GITHUB_TOKEN) { try {