diff --git a/.github/workflows/bump-techapi.yml b/.github/workflows/bump-techapi.yml new file mode 100644 index 0000000..60e74a2 --- /dev/null +++ b/.github/workflows/bump-techapi.yml @@ -0,0 +1,58 @@ +name: bump-techapi + +# Reverse of notify-techapi: advance THIS repo's TechAPI submodule pointer to +# TechAPI's latest main. Triggered by a repository_dispatch (`techapi-updated`) +# that TechAPI's notify-engine.yml sends on a real data/site change, or run +# manually. Keeps the "TechAPI @ " browsing link from going stale. +# +# Loop-safe by construction: +# * the bump commit is pushed with the default GITHUB_TOKEN, and pushes made +# by GITHUB_TOKEN do NOT trigger other workflows — so notify-techapi never +# fires on it and there is no ping-pong back to TechAPI; +# * TechAPI's notify-engine.yml must `paths-ignore` its own TechEngine gitlink +# so it doesn't dispatch on bump-only commits (sender-side guard); +# * the bump is idempotent — if the pointer already matches, it no-ops. +on: + repository_dispatch: + types: [techapi-updated] + workflow_dispatch: + +permissions: + contents: write + +concurrency: + group: bump-techapi + cancel-in-progress: false + +jobs: + bump: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + ref: main + + - name: Bump TechAPI submodule pointer to TechAPI main + env: + PAYLOAD_SHA: ${{ github.event.client_payload.sha }} + run: | + set -euo pipefail + # Prefer the sha from the dispatch payload; fall back to remote main HEAD + # (covers manual runs and payload-less dispatches). + SHA="${PAYLOAD_SHA:-}" + if [ -z "$SHA" ]; then + SHA=$(git ls-remote https://github.com/Seungpyo1007/TechAPI.git refs/heads/main | awk '{print $1}') + fi + if [ -z "$SHA" ]; then + echo "::error::could not resolve TechAPI main sha"; exit 1 + fi + CUR=$(git ls-tree HEAD TechAPI | awk '{print $3}') + if [ "$SHA" = "$CUR" ]; then + echo "TechAPI pointer already at ${SHA:0:7}; nothing to do." + exit 0 + fi + git update-index --cacheinfo "160000,${SHA},TechAPI" + git config user.name "techengine-bot" + git config user.email "techengine-bot@users.noreply.github.com" + git commit -m "chore: bump TechAPI submodule to ${SHA:0:7}" + git push origin main diff --git a/.github/workflows/notify-techapi.yml b/.github/workflows/notify-techapi.yml index 32450d5..cc98393 100644 --- a/.github/workflows/notify-techapi.yml +++ b/.github/workflows/notify-techapi.yml @@ -9,6 +9,12 @@ name: notify-techapi on: push: branches: [main] + # Don't ping TechAPI for commits that only move the TechAPI submodule pointer + # (bump-techapi.yml's own bumps): TechAPI doesn't need to track those, and + # skipping them keeps each real change to exactly one bump — symmetric with + # TechAPI's notify-engine.yml ignoring its TechEngine gitlink. + paths-ignore: + - TechAPI permissions: contents: read diff --git a/.github/workflows/refresh-data.yml b/.github/workflows/refresh-data.yml index 0e4b056..d77e432 100644 --- a/.github/workflows/refresh-data.yml +++ b/.github/workflows/refresh-data.yml @@ -1,12 +1,11 @@ name: refresh-data -# Static-dump refresh (git-scraping pattern). -# Pulls the latest TechAPI data, validates, regenerates dump/. -# - weekly schedule keeps the static dump fresh -# - manual trigger for on-demand rebuilds +# Dump smoke-test: when engine code (app/**) changes, rebuild the static dump +# from the latest TechAPI data and validate it — a fast guard that `app.dump` +# still generates end-to-end. The weekly full refresh (enrich + integrity gate + +# dump + PR to TechAPI) lives in weekly-refresh.yml; this no longer runs on a +# schedule, to avoid duplicating that Monday run. on: - schedule: - - cron: "17 6 * * 1" # Mondays 06:17 UTC (offset minute is polite, per git-scraping) push: branches: [main] paths: