[WIP] Review GitHub folder and workflows for best practices

[Copilot]

Critical Review of .github Workflows - COMPLETE

Issues Fixed:

• Critical Indentation Error: Fixed incorrect indentation in update-cv.yml lines 58-79 that would cause workflow syntax errors
• Workflow Disable Warning: Added documentation and solutions for GitHub's 60-day auto-disable policy
• Concurrency Control: Added to both workflows to prevent overlapping runs and conflicts
• Job Timeouts: Added 20-30 minute timeouts to prevent hanging jobs
• Error Handling: Added validation for ORCID_TOKEN secret before use
• Documentation: Created comprehensive .github/README.md explaining workflows, the 60-day issue, and troubleshooting
• Code Review: Addressed all review feedback on documentation clarity and accuracy

Best Practices Implemented:

update-cv.yml:

• ✅ Concurrency control (cv-update group, no cancellation)
• ✅ 30-minute job timeout
• ✅ Secret validation step
• ✅ Proper YAML indentation (FIXED)
• ✅ Comments explaining cron schedule and workflow_dispatch
• ✅ Existing retry logic for git push

quarto-publish.yml:

• ✅ Concurrency control (pages-deploy group, no cancellation)
• ✅ 20-minute job timeout
• ✅ Comments explaining concurrency behavior

About the 60-Day Disable Warning

The Issue: GitHub automatically disables scheduled workflows after 60 days of no repository activity to save resources.

Solutions Provided:

1. workflow_dispatch trigger (already present, documented)

   • Allows manual triggering
   • Manual runs count as activity and reset the timer

2. Documentation in .github/README.md covers:

   • Why workflows get disabled
   • How to prevent it (manual runs every ~50 days with safety margin)
   • How to re-enable disabled workflows
   • Monitoring and troubleshooting

3. Best practice: Run workflow manually every ~50 days if no commits occur

Why not a keep-alive workflow?

• Would pollute git history with empty commits
• Current solution (manual trigger) is cleaner
• Workflow will auto-commit when publications actually update

Testing & Quality

• YAML syntax validated for both workflow files
• Indentation fixed and verified
• All changes follow GitHub Actions best practices
• Code review completed and all feedback addressed
• Documentation is accurate and repository-agnostic

Original prompt

review the .github folder and its contents and the workflows. critically review, should this work all the time? is it best practice? how can i avoid [GitHub] The "Monthly CV Update" workflow in oddish3/oddish.github.io has been disabled warnings

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[Copilot]

Pull request overview

Improves the repository’s GitHub Actions setup by hardening the existing CV update and Quarto publish workflows and adding documentation to explain usage and operational caveats (notably scheduled workflow auto-disable).

Changes:

• Added concurrency controls and job timeouts to both workflows.
• Added an ORCID_TOKEN preflight validation step to the CV update workflow and fixed YAML indentation in its commit/push step.
• Added .github/README.md documenting workflow behavior, requirements, and troubleshooting.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File	Description
.github/workflows/update-cv.yml	Adds concurrency/timeout/secret validation and fixes indentation in the commit/push script.
.github/workflows/quarto-publish.yml	Adds concurrency control and a job timeout to reduce overlapping/hanging deploys.
.github/README.md	Documents the workflows, required secrets, and notes about scheduled workflow disabling.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

git pull --rebase origin main is executed after the workflow has potentially modified tracked files (the diff check happens after running the update + compile steps). If there are changes to commit (the common case), the working tree is dirty and git pull --rebase will fail with “cannot pull with rebase: You have unstaged changes”. Move the pull/rebase (or git fetch + git reset --hard origin/main) to immediately after checkout, before generating files, or enable autostash explicitly (e.g., git pull --rebase --autostash).

[Copilot]

The README says manual workflow execution involves selecting a branch (usually main), but update-cv.yml hard-codes actions/checkout to ref: main and always pushes to main. Either update the documentation to say the branch selection is ignored for this workflow, or update the workflow to use the dispatch-selected ref (and avoid pushing to main when run on other branches).

Suggested change

	4. Select the branch (usually `main`)
	5. Click "**Run workflow**" button
	4. For workflows that support it (e.g., Quarto Publish), select the branch (usually `main`)
	5. Click "**Run workflow**" button
	**Note**: The Monthly CV Update workflow (`update-cv.yml`) always runs against the `main` branch, regardless of the branch selected in the UI.