From d06cada2b69ad9186f6b88348195e1b2502854dd Mon Sep 17 00:00:00 2001 From: Thorsten Seyschab Date: Wed, 20 May 2026 15:35:34 +0200 Subject: [PATCH 01/10] ci: migrate deploy workflow to vp --- ...build-deploy.yml => cloudflare-deploy.yml} | 28 +++++++++---------- 1 file changed, 13 insertions(+), 15 deletions(-) rename .github/workflows/{build-deploy.yml => cloudflare-deploy.yml} (74%) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/cloudflare-deploy.yml similarity index 74% rename from .github/workflows/build-deploy.yml rename to .github/workflows/cloudflare-deploy.yml index 1944ccc..dd84278 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/cloudflare-deploy.yml @@ -1,4 +1,4 @@ -name: Build & Deploy +name: Cloudflare Deploy on: push: @@ -8,39 +8,37 @@ on: # Twice a week: Monday 03:00 UTC and Thursday 03:00 UTC - cron: "0 3 * * 1" - cron: "0 3 * * 4" - workflow_dispatch: {} # Allow manual trigger from GitHub UI + workflow_dispatch: {} permissions: contents: read -# Cancel in-progress runs when a newer run is triggered (e.g. two PRs merged quickly). concurrency: - group: deploy-production + group: cloudflare-pages-${{ github.ref }} cancel-in-progress: true jobs: - build: - name: Build & Deploy + deploy-pages: + name: Deploy Cloudflare Pages runs-on: ubuntu-24.04 timeout-minutes: 15 steps: - name: Checkout the Codebase uses: actions/checkout@v6 - - name: Install pnpm - uses: pnpm/action-setup@v4 - - - name: Setup Node.js - uses: actions/setup-node@v6 + - name: Setup Vite+ + uses: voidzero-dev/setup-vp@v1 with: - node-version: 24 - cache: pnpm + version: 0.1.19 + node-version: "24" + cache: true + run-install: false - name: Install dependencies - run: pnpm i --frozen-lockfile --prefer-offline + run: vp install - name: Generate static site - run: pnpm run build:ssg + run: vp run build:ssg env: NUXT_PUBLIC_LEGAL_NAME: ${{ vars.NUXT_PUBLIC_LEGAL_NAME }} NUXT_PUBLIC_LEGAL_OCCUPATION: ${{ vars.NUXT_PUBLIC_LEGAL_OCCUPATION }} From 1a1df9ee571d128e1361a6b45f7ff920778efb50 Mon Sep 17 00:00:00 2001 From: Thorsten Seyschab Date: Wed, 20 May 2026 15:36:50 +0200 Subject: [PATCH 02/10] ci: migrate validation workflow to vp --- .github/workflows/validation-and-tests.yml | 26 ++++++++++------------ 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/.github/workflows/validation-and-tests.yml b/.github/workflows/validation-and-tests.yml index 97666b3..25bd0c0 100755 --- a/.github/workflows/validation-and-tests.yml +++ b/.github/workflows/validation-and-tests.yml @@ -32,36 +32,34 @@ jobs: matrix: include: - name: Lint & Format Check - command: pnpm test:lint + command: vp run test:lint - name: Redirect Artifact Check - command: pnpm test:redirects + command: vp run test:redirects - name: Type Check - command: pnpm test:types + command: vp run test:types steps: # Check out the repository - name: Checkout the Codebase uses: actions/checkout@v6 - # Install and set up pnpm for use in the workflow - - name: Install pnpm - uses: pnpm/action-setup@v4 - - # Set up Node.js and enable pnpm caching - - name: Setup Node.js - uses: actions/setup-node@v6 + # Install and set up Vite+ with Node and pnpm for use in the workflow + - name: Setup Vite+ + uses: voidzero-dev/setup-vp@v1 with: - node-version: 24 - cache: pnpm + version: 0.1.19 + node-version: "24" + cache: true + run-install: false # Install project dependencies with automatic `nuxt prepare` at the end. # Thanks to the cache, this step is extremely fast on subsequent runs. - name: Install dependencies - run: pnpm i --frozen-lockfile --prefer-offline + run: vp install --frozen-lockfile --prefer-offline # Execute the specific check command from the matrix - name: Run Check - # could also run as `pnpm test` as all commands are defined to run sequentially, but more control this way for now + # could also run as `vp run test` as all commands are defined to run sequentially, but more control this way for now run: ${{ matrix.command }} # This job acts as a single, final status check for branch protection. From a23987cf6030f76e311851dfdf202afd1907e806 Mon Sep 17 00:00:00 2001 From: Thorsten Seyschab Date: Wed, 20 May 2026 16:00:24 +0200 Subject: [PATCH 03/10] ci: rename workflow & job --- .github/workflows/cloudflare-deploy.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/cloudflare-deploy.yml b/.github/workflows/cloudflare-deploy.yml index dd84278..0583976 100644 --- a/.github/workflows/cloudflare-deploy.yml +++ b/.github/workflows/cloudflare-deploy.yml @@ -1,4 +1,4 @@ -name: Cloudflare Deploy +name: Cloudflare Build & Deploy on: push: @@ -8,18 +8,19 @@ on: # Twice a week: Monday 03:00 UTC and Thursday 03:00 UTC - cron: "0 3 * * 1" - cron: "0 3 * * 4" - workflow_dispatch: {} + workflow_dispatch: {} # Allow manual trigger from GitHub UI permissions: contents: read +# Cancel in-progress runs when a newer run is triggered (e.g. two PRs merged quickly). concurrency: group: cloudflare-pages-${{ github.ref }} cancel-in-progress: true jobs: - deploy-pages: - name: Deploy Cloudflare Pages + build-and-deploy: + name: Build & Deploy on Cloudflare Pages runs-on: ubuntu-24.04 timeout-minutes: 15 steps: From 751f0b638831a7a43399e518a6a51aa5f4cdc119 Mon Sep 17 00:00:00 2001 From: Thorsten Seyschab Date: Wed, 20 May 2026 16:11:25 +0200 Subject: [PATCH 04/10] ci: pin setup-vp action in cloudflare deploy workflow --- .github/workflows/cloudflare-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cloudflare-deploy.yml b/.github/workflows/cloudflare-deploy.yml index 0583976..86a1c59 100644 --- a/.github/workflows/cloudflare-deploy.yml +++ b/.github/workflows/cloudflare-deploy.yml @@ -28,7 +28,7 @@ jobs: uses: actions/checkout@v6 - name: Setup Vite+ - uses: voidzero-dev/setup-vp@v1 + uses: voidzero-dev/setup-vp@ca1c46663915d6c1042ae23bd39ab85718bfb0fa with: version: 0.1.19 node-version: "24" From f818bd5cbee26a08065afe3d291e348fa79e5633 Mon Sep 17 00:00:00 2001 From: Thorsten Seyschab Date: Wed, 20 May 2026 16:11:46 +0200 Subject: [PATCH 05/10] ci: enforce frozen lockfile in cloudflare deploy workflow --- .github/workflows/cloudflare-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cloudflare-deploy.yml b/.github/workflows/cloudflare-deploy.yml index 86a1c59..1f62018 100644 --- a/.github/workflows/cloudflare-deploy.yml +++ b/.github/workflows/cloudflare-deploy.yml @@ -36,7 +36,7 @@ jobs: run-install: false - name: Install dependencies - run: vp install + run: vp install --frozen-lockfile --prefer-offline - name: Generate static site run: vp run build:ssg From 0f714cdfc0e64033b7bb3b4770b248605c3c2452 Mon Sep 17 00:00:00 2001 From: Thorsten Seyschab Date: Wed, 20 May 2026 16:12:09 +0200 Subject: [PATCH 06/10] ci: pin setup-vp action in validation workflow --- .github/workflows/validation-and-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validation-and-tests.yml b/.github/workflows/validation-and-tests.yml index 25bd0c0..178a6e9 100755 --- a/.github/workflows/validation-and-tests.yml +++ b/.github/workflows/validation-and-tests.yml @@ -45,7 +45,7 @@ jobs: # Install and set up Vite+ with Node and pnpm for use in the workflow - name: Setup Vite+ - uses: voidzero-dev/setup-vp@v1 + uses: voidzero-dev/setup-vp@ca1c46663915d6c1042ae23bd39ab85718bfb0fa with: version: 0.1.19 node-version: "24" From 026ef734719da336e25ccd10051bc7fc8be91e8d Mon Sep 17 00:00:00 2001 From: Thorsten Seyschab Date: Fri, 22 May 2026 16:17:13 +0200 Subject: [PATCH 07/10] ci: harden cloudflare deploy checkout step --- .github/workflows/cloudflare-deploy.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/cloudflare-deploy.yml b/.github/workflows/cloudflare-deploy.yml index 1f62018..fee77c7 100644 --- a/.github/workflows/cloudflare-deploy.yml +++ b/.github/workflows/cloudflare-deploy.yml @@ -25,7 +25,9 @@ jobs: timeout-minutes: 15 steps: - name: Checkout the Codebase - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + with: + persist-credentials: false - name: Setup Vite+ uses: voidzero-dev/setup-vp@ca1c46663915d6c1042ae23bd39ab85718bfb0fa From 84a7399ab9d90ec0a111b8a2a474652a827bf5c6 Mon Sep 17 00:00:00 2001 From: Thorsten Seyschab Date: Fri, 22 May 2026 16:18:13 +0200 Subject: [PATCH 08/10] ci: pin remaining workflow actions in validation workflow --- .github/workflows/validation-and-tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validation-and-tests.yml b/.github/workflows/validation-and-tests.yml index 178a6e9..eb58d2b 100755 --- a/.github/workflows/validation-and-tests.yml +++ b/.github/workflows/validation-and-tests.yml @@ -18,7 +18,7 @@ jobs: permissions: pull-requests: read steps: - - uses: amannn/action-semantic-pull-request@v6 + - uses: amannn/action-semantic-pull-request@48f256284bd46cdaab1048c3721360e808335d50 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -41,7 +41,7 @@ jobs: steps: # Check out the repository - name: Checkout the Codebase - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # Install and set up Vite+ with Node and pnpm for use in the workflow - name: Setup Vite+ From 1a0bdf9bc691fc7ed920186cab880f4557460c4f Mon Sep 17 00:00:00 2001 From: Thorsten Seyschab Date: Fri, 22 May 2026 16:21:41 +0200 Subject: [PATCH 09/10] ci: harden cloudflare deploy checkout step --- .github/workflows/validation-and-tests.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/validation-and-tests.yml b/.github/workflows/validation-and-tests.yml index eb58d2b..3c283fd 100755 --- a/.github/workflows/validation-and-tests.yml +++ b/.github/workflows/validation-and-tests.yml @@ -42,6 +42,8 @@ jobs: # Check out the repository - name: Checkout the Codebase uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + with: + persist-credentials: false # Install and set up Vite+ with Node and pnpm for use in the workflow - name: Setup Vite+ From b8ea41fdb7ae9e3bf7d651ffb7a3dfbb731d037c Mon Sep 17 00:00:00 2001 From: Thorsten Seyschab Date: Fri, 22 May 2026 16:36:54 +0200 Subject: [PATCH 10/10] ci: pin wrangler action in cloudflare deploy workflow --- .github/workflows/cloudflare-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cloudflare-deploy.yml b/.github/workflows/cloudflare-deploy.yml index fee77c7..28d7b64 100644 --- a/.github/workflows/cloudflare-deploy.yml +++ b/.github/workflows/cloudflare-deploy.yml @@ -54,7 +54,7 @@ jobs: NUXT_PUBLIC_LEGAL_VAT_ID: ${{ vars.NUXT_PUBLIC_LEGAL_VAT_ID }} - name: Deploy to Cloudflare Pages - uses: cloudflare/wrangler-action@v3 + uses: cloudflare/wrangler-action@9acf94ace14e7dc412b076f2c5c20b8ce93c79cd with: apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}