feat(ci): trigger publish on release tags, auto-register and prune versions#936
Conversation
📝 WalkthroughWalkthroughModifies the publish-fern-docs GitHub Actions workflow to trigger on stable semver release tags matching v[0-9].[0-9].[0-9], grant contents: write, and set MAX_VERSIONS=3. On eligible tag pushes it generates fern/versions/.yml from the tag's docs/index.yml, inserts a version entry into fern/docs.yml, prunes older versions (deleting their fern/versions/.yml) to retain the configured recent set plus Latest, and commits any fern/ changes back to main. Pre-release tags publish but skip version registration. Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Possibly related issues
Suggested labels
Suggested reviewers
🚥 Pre-merge checks | ✅ 4✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/publish-fern-docs.yml:
- Line 93: The yq slice expression used to set PRUNED contains an extra dot
before the array projection; update the PRUNED assignment so the expression
removes the stray dot — change the selector from
".products[0].versions[$KEEP:].[].slug" to use
".products[0].versions[$KEEP:].[].slug" (i.e., edit the PRUNED=$(yq "...") line
to the corrected selector).
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Enterprise
Run ID: 5e743a40-d771-45d2-8210-5df4b3e9d095
📒 Files selected for processing (1)
.github/workflows/publish-fern-docs.yml
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/publish-fern-docs.yml:
- Around line 106-116: The script currently checks for changes before running
git add which misses newly created files; instead stage the files first (git add
fern/versions/ fern/docs.yml) and then test for staged changes using git diff
--cached --quiet (or git diff --staged --name-only) to decide whether to commit;
update the flow around TAG_VERSION and MAX_VERSIONS so the code only runs git
commit -m "chore(fern): register ${TAG_VERSION}, keep latest ${MAX_VERSIONS}
versions [automated]" and git push origin main when the staged-diff check shows
changes.
- Line 74: The yq mutation assumes .products[0].versions[0] is the "Latest"
entry, so add a pre-check that inspects .products[0].versions[0]."display-name"
(or searches .products[0].versions for the entry with "display-name": "Latest")
and aborts or adjusts if it isn't found; update the step that runs the yq
command (the existing yq -i '.products[0].versions |= [.[0]] + [{"display-name":
env(TAG_VERSION), "path": "versions/" + env(TAG_VERSION) + ".yml", "slug":
env(TAG_VERSION), "availability": "stable"}] + .[1:]' fern/docs.yml) to only run
when the validation passes (or compute the correct index and insert after the
located "Latest" element), so insertion reliably places the new version after
the actual "Latest" entry.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Enterprise
Run ID: b36f1b9f-7aaa-4037-ae61-b5114f7c2de6
📒 Files selected for processing (1)
.github/workflows/publish-fern-docs.yml
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (1)
.github/workflows/publish-fern-docs.yml (1)
50-53:⚠️ Potential issue | 🟠 Major | ⚡ Quick winFetch tags before any tag-based git operations.
Checking out
mainwith default fetch settings leaves the runner with a shallow branch clone. Later steps callgit archive "${TAG_VERSION}"andgit show-ref refs/tags/..., but sincewith.ref: mainis set, the tag refs are not fetched. On a clean runner, those tag refs will not exist locally, which breaks both version registration and frozen-content extraction.Suggested fix
- name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: ref: main + fetch-depth: 0🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @.github/workflows/publish-fern-docs.yml around lines 50 - 53, The checkout step currently pins with.ref: main which results in a shallow clone missing tag refs needed later by git archive "${TAG_VERSION}" and git show-ref refs/tags/..., so update the actions/checkout step (the uses: actions/checkout entry) to fetch tags and full history — e.g., remove the hard ref or add with: fetch-depth: 0 (and/or fetch-tags: true) so tag refs are present locally before any tag-based git operations.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/publish-fern-docs.yml:
- Around line 55-56: The current tag gate uses startsWith/contains which lets
non-exact semver tags pass; update the three mutating steps' if: conditions (the
"Register new version from tag", "Prune old versions", and "Commit version
changes" steps) to also require the ref matches an exact semver tag using GitHub
expressions, e.g. require github.ref matches '^refs/tags/v\\d+\\.\\d+\\.\\d+$'.
Alternatively compute a single boolean once (e.g. set job output like
is_exact_semver) using that regex and reuse it in the three steps' if:
conditions; change the if: on the existing steps (the lines with
startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, '-')) to include
the matches(...) check or job-output reference.
---
Duplicate comments:
In @.github/workflows/publish-fern-docs.yml:
- Around line 50-53: The checkout step currently pins with.ref: main which
results in a shallow clone missing tag refs needed later by git archive
"${TAG_VERSION}" and git show-ref refs/tags/..., so update the actions/checkout
step (the uses: actions/checkout entry) to fetch tags and full history — e.g.,
remove the hard ref or add with: fetch-depth: 0 (and/or fetch-tags: true) so tag
refs are present locally before any tag-based git operations.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Enterprise
Run ID: 53819dbc-acbf-4083-8d05-7bae14d7e8a1
📒 Files selected for processing (1)
.github/workflows/publish-fern-docs.yml
PR #936 added ref: main to the checkout step but dropped fetch-tags: true, so the tag ref pushed (e.g., v0.13.0) is not present locally and the 'Register new version from tag' step's 'git archive ${TAG_VERSION}' fails.
Summary
Align docs publishing with release tags and add automatic version registration and pruning to the Fern publish workflow.
Motivation / Context
Fixes: #935
Related: NVIDIA/NVSentinel#1292
Type of Change
Component(s) Affected
Implementation Notes
Adapted from NVIDIA/NVSentinel#1292. Changes to
publish-fern-docs.yml:docs/v*→v[0-9]*.[0-9]*.[0-9]*— release tags drive docs publishingcontents: read→contents: write(needed for commit-back to main)ref: main(needed for commit-back)fern/versions/vX.Y.Z.ymlfrom the tag'sdocs/index.ymland inserts a version entry intodocs.ymlgithub-actions[bot]-(e.g.v1.6.0-rc1) trigger publish but skip registration/pruningPreserved AICR-specific steps: frozen content checkout with MDX sanitization, latest release stamp, URL extraction in publish step summary.
Testing
Workflow-level change — validated by inspecting the diff against the proven NVSentinel implementation. Structural parity confirmed.
Risk Assessment
Rollout notes: Existing
docs/v*tags will no longer trigger publishing. Future releases usingv*tags will automatically register and prune doc versions.Checklist
git commit -S)