-
-
Notifications
You must be signed in to change notification settings - Fork 0
CI CD
CI is split per component with path filters, so a web change never triggers an app build and vice versa. Workflows live in .github/workflows/.
| Workflow | Triggers on | Does |
|---|---|---|
ci-web.yml |
web/** changes |
lint, test, build, typecheck, deploy, release |
ci-app.yml |
app/** changes |
Flutter analyze/test/build |
release-app.yml |
manual / tags | builds & ships the Flutter app |
_deploy-web.yml |
reusable | shared web deploy steps |
cleanup-web-development.yml |
PR close | deletes the per-PR preview worker |
dependabot-auto-merge.yml, renovate-auto-approve.yml
|
dep PRs | automated dependency merges |
zizmor.yml |
— | GitHub Actions security linting |
Jobs run gated on the checks passing first:
---
config:
look: handDrawn
theme: neutral
---
flowchart LR
check["web-check (lint + test + coverage)"] --> build["web-build (build + typecheck)"]
build --> prod["deploy-production"]
build --> dev["deploy-development"]
build --> rel["release (semantic-release)"]
dev --> comment["comment preview URL"]
- web-check — Biome lint, Vitest tests, upload coverage to Codecov.
-
web-build — production build +
tsctypecheck. -
deploy-production — on push to
main: build withCLOUDFLARE_ENV=production,wrangler deploy→ workercontribkitoncontribkit.app. -
deploy-development — on PRs: build with
CLOUDFLARE_ENV=development, deploy ephemeral workerpr-<n>-contribkit-developmenton*.workers.dev; a bot comment posts the preview URL; the worker is removed on PR close bycleanup-web-development.yml. - release — semantic-release versions the web component (decoupled from deploy).
Concurrency cancels in-progress runs for pull requests only.
Environments are repo-global, so they're namespaced by component (<component>-<stage>) and hold component-specific secrets:
| Environment | Component | Stage | Deployed by |
|---|---|---|---|
web-production |
Astro web | production |
ci-web.yml (push to main) |
web-development |
Astro web | development |
ci-web.yml (per-PR preview) |
app-production |
Flutter app | production |
release-app.yml (track = production) |
app-development |
Flutter app | development |
release-app.yml (track ≠ production) |
App development is the internal Play track + RevenueCat sandbox; web development is a per-PR preview Worker. Component-scoped configs don't repeat the prefix: wrangler uses [env.production] / [env.development]; Flutter uses production / development flavors.
semantic-release runs per component and tags as web-vX.Y.Z / app-vX.Y.Z, driven by Conventional Commits (enforced by commitlint). Deploys are decoupled from versioning — production web deploys on every qualifying push to main, not on a release tag.
-
Web Application — the
@astrojs/cloudflaredeploy gotcha - Project Structure — monorepo tooling