openfga · evansims · Aug 18, 2025 · Aug 18, 2025 · Aug 18, 2025 · Aug 19, 2025
@@ -0,0 +1,50 @@
+name: "Setup and Build"
+description: "Setup Node.js, install dependencies, and optionally build"
+inputs:
+  node-version:
+    description: "Node.js version"
+    required: false
+    default: "22"
+  build:
+    description: "Run build step"
+    required: false
+    default: "true"
+  setup:
+    description: "Setup Node.js and install dependencies"
+    required: false
+    default: "true"
+  build-analytics-id:
+    description: "Analytics tracking ID"
+    required: false
+    default: ""
+  build-base-url:
+    description: "Base URL for build"
+    required: false
+    default: ""
+  npm-ci-flags:
+    description: "Flags for npm ci (default: --no-audit --no-fund --prefer-offline). Add --ignore-scripts if needed to skip postinstall scripts"
+    required: false
+    default: "--no-audit --no-fund --prefer-offline"
+
+runs:
+  using: "composite"
+  steps:
+    - name: Setup Node.js
+      if: ${{ inputs.setup == 'true' }}
+      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      with:
+        node-version: ${{ inputs.node-version }}
+        cache: "npm"
+
+    - name: Install dependencies
+      if: ${{ inputs.setup == 'true' }}
+      shell: bash
+      run: npm ci ${{ inputs.npm-ci-flags }}
+
+    - name: Build website
+      if: ${{ inputs.build == 'true' }}
+      shell: bash
+      env:
+        HUBSPOT_TRACKING_ID: ${{ inputs.build-analytics-id }}
+        BASE_URL: ${{ inputs.build-base-url }}
+      run: npm run build
@@ -1,54 +1,79 @@
 name: Deploy to GitHub Pages
 
 on:
-  # Nightly @ 5AM UTC
-  schedule:
-    - cron: '0 5 * * *'
-  # When triggered manually
   workflow_dispatch:
-  # When a commit is pushed to the main branch
   push:
     branches:
       - main
 
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+concurrency:
+  group: 'pages'
+  cancel-in-progress: false
+
 jobs:
-  deploy:
-    name: Deploy to GitHub Pages
-    permissions:
-      contents: write
+  build:
+    name: Build
     runs-on: ubuntu-latest
     steps:
-      - name: Cached LFS checkout
-        uses: nschloe/action-cached-lfs-checkout@f46300cd8952454b9f0a21a3d133d4bd5684cfc2
+      - name: Checkout repository
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          lfs: true # LFS required for building with images/assets
+          fetch-depth: 1
 
-      - name: Set up node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
+      - name: Setup and build
+        uses: ./.github/actions/setup-and-build
         with:
-          node-version: '22'
-          registry-url: 'https://registry.npmjs.org'
-          cache: 'npm'
+          build-analytics-id: ${{ secrets.HUBSPOT_TRACKING_ID }}
 
-      - name: Install dependencies
-        run: npm ci
+      - name: Create CNAME file
+        run: echo "openfga.dev" > ./build/CNAME
 
-      - name: Build website
-        run: npm run build
-        env:
-          HUBSPOT_TRACKING_ID: ${{ secrets.HUBSPOT_TRACKING_ID }}
+      - name: Preserve PR previews from gh-pages
+        timeout-minutes: 5
+        run: |
+          # Clone the gh-pages branch with authentication to avoid rate limits
+          if git clone --branch gh-pages --single-branch --depth 1 \
+            https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git gh-pages-temp 2>/dev/null; then
 
-      # Popular action to deploy to GitHub Pages:
-      # Docs: https://github.com/peaceiris/actions-gh-pages#%EF%B8%8F-docusaurus
-      - name: Deploy to GitHub Pages
-        uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e
+            # Copy pr-preview directory if it exists
+            if [ -d "gh-pages-temp/pr-preview" ]; then
+              echo "Preserving PR previews..."
+              cp -r gh-pages-temp/pr-preview ./build/
+              # Count actual PR preview directories (excluding parent)
+              preview_count=$(find ./build/pr-preview -mindepth 1 -maxdepth 1 -type d 2>/dev/null | wc -l)
+              echo "Preserved ${preview_count} PR preview(s)"
+            else
+              echo "No PR previews to preserve"
+            fi
+
+            # Clean up temp directory
+            rm -rf gh-pages-temp
+          else
+            echo "No gh-pages branch found or unable to clone - this is normal for first deployment"
+          fi
+
+      - name: Setup Pages
+        uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0
+
+      - name: Upload artifact
+        uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0
         with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          # Build output to publish to the `gh-pages` branch:
-          publish_dir: ./build
-          cname: openfga.dev
-          # The following lines assign commit authorship to the official
-          # GH-Actions bot for deploys to `gh-pages` branch:
-          # https://github.com/actions/checkout/issues/13#issuecomment-724415212
-          # The GH actions bot is used by default if you didn't specify the two fields.
-          # You can swap them out with your own user credentials.
-          user_name: github-actions[bot]
-          user_email: 41898282+github-actions[bot]@users.noreply.github.com
+          path: ./build
+
+  deploy:
+    name: Deploy to GitHub Pages
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5