Skip to content

feat: GitHub Actions auto-commit#1062

Open
Siddhant-K-code wants to merge 10 commits into
openfga:mainfrom
Siddhant-K-code:feat/github-actions-auto-commit
Open

feat: GitHub Actions auto-commit#1062
Siddhant-K-code wants to merge 10 commits into
openfga:mainfrom
Siddhant-K-code:feat/github-actions-auto-commit

Conversation

@Siddhant-K-code

@Siddhant-K-code Siddhant-K-code commented Jul 12, 2025

Copy link
Copy Markdown
Member

Related #1054

Summary by CodeRabbit

  • Documentation

    • Updated OpenFGA configuration documentation for version 1.8.15, including new options for secondary datastore connections and iterator cache settings.
    • Revised descriptions and reorganized configuration options for clarity.
  • Chores

    • Upgraded various dependencies, including Docusaurus, OpenFGA SDK, sanitize-html, swagger-ui-react, and ESLint-related packages.
    • Enhanced deployment and preview workflows with improved permissions, automated documentation commits, and updated action versions.

- Update configuration documentation to reference v1.8.15
- Update resolveNodeBreadthLimit default value from 100 to 10
- Update dependencies to latest versions
- Add permissions for GitHub Actions to commit documentation changes
- Add auto-commit step to update OpenFGA configuration docs
- Update pr-preview-action to latest version

This needs further review as requested by maintainers.
@Siddhant-K-code Siddhant-K-code requested review from a team as code owners July 12, 2025 07:01
@coderabbitai

coderabbitai Bot commented Jul 12, 2025

Copy link
Copy Markdown
Contributor

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 789547ae-cfd9-4d6e-9c65-a715684ddaed

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review

Walkthrough

The updates include enhancements to GitHub Actions workflows for deployment and preview, documentation changes for OpenFGA configuration, and dependency upgrades in package.json. The deployment workflow now commits generated documentation files automatically. The OpenFGA configuration documentation reflects new options and updates. Several dependencies were upgraded to newer versions.

Changes

File(s) Change Summary
.github/workflows/deploy.yml Enhanced workflow: added explicit permissions and a step to auto-commit generated .mdx docs after build.
.github/workflows/preview.yml Updated preview workflow to use a newer commit of the rossjrw/pr-preview-action GitHub Action.
docs/content/getting-started/setup-openfga/configuration.mdx Updated for OpenFGA 1.8.15: new/changed config options, reorganized sections, default value changes, and new options.
package.json Upgraded Docusaurus, OpenFGA SDK, search plugin, sanitize-html, swagger-ui-react, ESLint, and TypeScript dependencies.

Sequence Diagram(s)

sequenceDiagram
    participant GitHub Actions
    participant Build System
    participant Docs Repo

    GitHub Actions->>Build System: Build website
    Build System-->>GitHub Actions: Build artifacts
    GitHub Actions->>Docs Repo: Auto-commit updated *.mdx docs
    GitHub Actions->>GitHub Pages: Deploy site
Loading
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f9a0151 and 14f35aa.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (4)
  • .github/workflows/deploy.yml (2 hunks)
  • .github/workflows/preview.yml (1 hunks)
  • docs/content/getting-started/setup-openfga/configuration.mdx (4 hunks)
  • package.json (2 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
  • GitHub Check: Socket Security: Pull Request Alerts
  • GitHub Check: deploy-preview
  • GitHub Check: Test deployment
🔇 Additional comments (4)
.github/workflows/preview.yml (1)

37-40: Action remains pinned – 👍 but consider aliasing for easier upgrades

The workflow keeps the rossjrw/pr-preview-action pinned to a full-length SHA (good for supply-chain security).
If you want quicker upgrades without editing every commit hash, you can pin to a semver tag (e.g. v1) and combine it with @ref verification (actions/verify-hash) so you still get tamper-proofing while lowering maintenance overhead.
No blocking issues here.

.github/workflows/deploy.yml (1)

18-22: Explicit permissions block improves least-privilege compliance

Granting only contents, pages and id-token is exactly what this job needs and nothing more. Nice hardening.

package.json (2)

28-45: Large dependency bump – verify Node/React/Docusaurus compatibility

Upgrading Docusaurus to 3.8.1, React 18.3 and moving the CI runner to Node 22 is a triple-jump. Node 22 is not an LTS release yet and Docusaurus’ latest docs still recommend Node 18/20.

Please double-check:

  1. Local dev machines on older LTS versions won’t break.
  2. The generated static site still works in PROD (no React 18.3 breaking changes).
  3. engines.node in package.json (if present) is updated accordingly.

If everything passes locally & in preview, all good ‑ just worth an explicit verification.


56-58: ESLint major upgrade to v9 may require config tweaks

eslint 9.x is eslint-config-breaking (the flat config becomes default).
Make sure .eslintrc.* has been migrated or the lint job will error out.

If you need a minimal patch:

{
- "root": true,
- "extends": ["eslint:recommended", "plugin:react/recommended"],
+ "eslintConfig": {
+   "root": true,
+   "extends": ["eslint:recommended", "plugin:react/recommended"]
+ }
}

(or switch to the new eslint.config.js flat format).

Comment thread .github/workflows/deploy.yml Outdated
Comment on lines 118 to 120
| `resolveNodeLimit` | <div id="OPENFGA_RESOLVE_NODE_LIMIT"><code>OPENFGA_RESOLVE_NODE_LIMIT</code></div> | `resolve-node-limit` | integer | Maximum resolution depth to attempt before throwing an error (defines how deeply nested an authorization model can be before a query errors out). | `25` |
| `resolveNodeBreadthLimit` | <div id="OPENFGA_RESOLVE_NODE_BREADTH_LIMIT"><code>OPENFGA_RESOLVE_NODE_BREADTH_LIMIT</code></div> | `resolve-node-breadth-limit` | integer | Defines how many nodes on a given level can be evaluated concurrently in a Check resolution tree. | `100` |
| `resolveNodeBreadthLimit` | <div id="OPENFGA_RESOLVE_NODE_BREADTH_LIMIT"><code>OPENFGA_RESOLVE_NODE_BREADTH_LIMIT</code></div> | `resolve-node-breadth-limit` | integer | Defines how many nodes on a given level can be evaluated concurrently in a Check resolution tree. | `10` |
| `listObjectsDeadline` | <div id="OPENFGA_LIST_OBJECTS_DEADLINE"><code>OPENFGA_LIST_OBJECTS_DEADLINE</code></div> | `list-objects-deadline` | string (duration) | The timeout deadline for serving ListObjects requests | `3s` |

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Default for resolveNodeBreadthLimit changed – highlight backwards-compat risk

Dropping the default from 100 → 10 is a behaviour change that may throttle existing workloads.
Consider adding a call-out note in the doc (or release notes) so users aren’t surprised by slower or error-prone deep graph traversals.

🤖 Prompt for AI Agents
In docs/content/getting-started/setup-openfga/configuration.mdx around lines 118
to 120, the default value for resolveNodeBreadthLimit has been changed from 100
to 10, which can cause backward compatibility issues by throttling existing
workloads. Add a clear call-out note or warning near this configuration entry to
inform users about this behavior change and its potential impact on performance
and error rates during deep graph traversals.

Comment thread docs/content/getting-started/setup-openfga/configuration.mdx Outdated

@rhamzeh rhamzeh left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of having the deploy workflow commit directly to the repo, let's add a separate nightly job that checks for changes and commit only if any are made.

Let's keep the deploy as is.

Can you remove the parts that are unrelated from this (dep updates + eslint)?

@socket-security

socket-security Bot commented Jul 15, 2025

Copy link
Copy Markdown

No dependency changes detected. Learn more about Socket for GitHub.

👍 No dependency changes detected in pull request

@Siddhant-K-code Siddhant-K-code requested a review from rhamzeh July 15, 2025 16:44
@curfew-marathon

Copy link
Copy Markdown
Contributor

This PR has had no human activity for 90 days, so it has been marked lifecycle/stale.

This is automated backlog grooming, not a judgment on the work.

What happens next, unless there is activity:

  • In 30 days, it will move to lifecycle/closing-soon
  • 30 days after that, it will be closed

To keep it open, push a commit or leave a comment, and the clock will reset. For work that should not auto-close, such as an RFC or long-running experiment, ask a maintainer to add lifecycle/frozen.

@curfew-marathon curfew-marathon added the lifecycle/stale No human activity in 90 days label Jul 3, 2026
Copilot AI review requested due to automatic review settings July 6, 2026 10:19
@Siddhant-K-code

Copy link
Copy Markdown
Member Author

@rhamzeh - any thoughts on this?

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds GitHub Actions automation intended to periodically regenerate and commit OpenFGA configuration documentation, alongside a small formatting fix in the generated MDX.

Changes:

  • Adds a scheduled/manual update-docs workflow that builds the site and auto-commits documentation changes.
  • Fixes a minor MDX formatting/indentation issue in the configuration docs page.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated 1 comment.

File Description
docs/content/getting-started/setup-openfga/configuration.mdx Minor formatting adjustment to the related links component closing tag.
.github/workflows/update-docs.yml New scheduled workflow to build and auto-commit updated documentation.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .github/workflows/update-docs.yml
}
]}
/> No newline at end of file
/>

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unintentional & non-related change, it just added an EOL

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

lifecycle/stale No human activity in 90 days

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants