From 382af47ad9e8d83161ace7c5e910f93393ea80cd Mon Sep 17 00:00:00 2001
From: Florian Dieminger <me@fiji-flo.de>
Date: Mon, 8 Apr 2024 16:21:39 +0200
Subject: [PATCH 1/2] test pr-preview

---
 .github/workflows/on-demand-preview-build.yml | 166 ------------------
 .github/workflows/pr-review-companion.yml     |   8 +-
 .github/workflows/pr-test.yml                 |  20 +--
 3 files changed, 9 insertions(+), 185 deletions(-)
 delete mode 100644 .github/workflows/on-demand-preview-build.yml

diff --git a/.github/workflows/on-demand-preview-build.yml b/.github/workflows/on-demand-preview-build.yml
deleted file mode 100644
index 0dec5529814a03a..000000000000000
--- a/.github/workflows/on-demand-preview-build.yml
+++ /dev/null
@@ -1,166 +0,0 @@
-name: On Demand Preview Build
-
-on:
-  workflow_dispatch:
-    inputs:
-      notes:
-        description: "Notes"
-        required: false
-        default: "Default on demand preview build"
-
-      # This is very useful when combined with the "Use workflow from"
-      # feature that is built into the "Run workflow" button on
-      # https://github.com/mdn/yari/actions?query=workflow%3A%22Production+Build%22
-      # If you override the deployment prefix to something like the name
-      # of the branch, you can deploy that entire branch to its own prefix
-      # in S3 which means that it can be fully hosted as its own site.
-      deployment_prefix:
-        description: "Deployment prefix"
-        required: false
-        default: "contributor-docs"
-
-jobs:
-  on-demand-preview-deploy:
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Setup Node.js environment
-        uses: actions/setup-node@v4
-        with:
-          node-version-file: ".nvmrc"
-          cache: yarn
-
-      - name: Install all yarn packages
-        run: yarn --frozen-lockfile
-        env:
-          # https://github.com/microsoft/vscode-ripgrep#github-api-limit-note
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build content
-        env:
-          CONTENT_ROOT: ${{ github.workspace }}/files
-
-          # This is so that if there's a single 'unsafe_html' flaw, it
-          # completely fails the build.
-          # But all other flaws should be 'warn', so that we can include
-          # information about the flaws when we analyze the built PR.
-          BUILD_FLAW_LEVELS: "unsafe_html: error, *:warn"
-
-          # Because we build these pages in a way that you get a toolbar,
-          # so the flaws can be displayed, but we don't want any of the
-          # other toolbar features like "Fix fixable flaws" or "Quick-edit"
-          # we set this to disable that stuff.
-          REACT_APP_CRUD_MODE_READONLY: true
-
-          BUILD_LIVE_SAMPLES_BASE_URL: https://live.mdnyalp.dev
-          BUILD_LEGACY_LIVE_SAMPLES_BASE_URL: https://live-samples.mdn.allizom.net
-
-          # In these builds, we never care for or need the ability to sign in.
-          # This environment variable will disable that functionality entirely.
-          REACT_APP_DISABLE_AUTH: true
-
-          # TODO: This should be implicit when `CI=true`
-          BUILD_NO_PROGRESSBAR: true
-
-          # Playground
-          REACT_APP_PLAYGROUND_BASE_HOST: mdnyalp.dev
-
-        run: |
-          # The reason this script isn't in `package.json` is because
-          # you don't need that script as a writer. It's only used in CI
-          # and it can't use the default CONTENT_ROOT that gets set in
-          # package.json.
-          yarn build
-          echo "Disk usage size of build/"
-          du -sh $BUILD_OUT_ROOT
-
-      - name: Merge static assets with built documents
-        run: |
-          rsync -a node_modules/@mdn/yari/client/build/ build/
-          # Now that build/ directory contains everything you need to deploy
-          # that as a site. HTML, static assets, images, etc.
-          # However, that Yari static files is very heavy and it's in large
-          # part due to the .map files.
-          # In fact, as of March 2021, the client/build/static directory
-          # is 2.3MB but only 864KB without all the .map files.
-          # Let's delete those this time because this isn't the right time
-          # to debug JS or CSS.
-          echo "Before..."
-          du -sh build
-          find build/static -type f -name "*.map" | xargs ls -lh
-          find build/static -type f -name "*.map" | xargs rm
-          echo "After..."
-          du -sh build
-
-      - uses: technote-space/get-diff-action@v6.1.2
-        with:
-          PATTERNS: files/**/*.+(png|jpeg|jpg|gif|svg|webp)
-          ABSOLUTE: true
-          SET_ENV_NAME: GIT_DIFF_FILES
-
-      - name: Install Python
-        id: setup-python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.8"
-
-      # See https://www.peterbe.com/plog/install-python-poetry-github-actions-faster
-      - name: Load cached ~/.local
-        uses: actions/cache@v4
-        with:
-          path: ~/.local
-          # the trailing number is used to increase for getting
-          # a different cache key when this file changes
-          key: dotlocal-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-0
-
-      - name: Install Python poetry
-        uses: snok/install-poetry@v1.3
-        with:
-          virtualenvs-create: true
-          virtualenvs-in-project: true
-
-      - name: Load cached venv
-        id: cached-poetry-dependencies
-        uses: actions/cache@v4
-        with:
-          path: yari/deployer/.venv
-          key: venv-${{ runner.os }}-${{ hashFiles('**/poetry.lock') }}-${{ hashFiles('.github/workflows/pr-review-companion.yml') }}
-
-      - name: Checkout Yari
-        uses: actions/checkout@v4
-        with:
-          repository: mdn/yari
-          path: yari
-
-      - name: Install poetry dependencies
-        if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
-        run: |
-          cd yari/deployer
-          poetry install --no-interaction --no-root
-
-      - name: Install Deployer
-        run: |
-          cd yari/deployer
-          poetry install --no-interaction
-
-      - name: Deploy and analyze built content
-        env:
-          BUILD_OUT_ROOT: ${{ github.workspace }}/build
-          DEPLOYMENT_PREIFIX: ${{ github.event.inputs.deployment_prefix }}
-
-          DEPLOYER_BUCKET_NAME: mdn-content-dev
-          AWS_ACCESS_KEY_ID: ${{ secrets.DEPLOYER_DEV_AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.DEPLOYER_DEV_AWS_SECRET_ACCESS_KEY }}
-          DEPLOYER_LOG_EACH_SUCCESSFUL_UPLOAD: false
-
-        run: |
-          echo "ON DEMAND PREVIEW DEPLOY: $DEPLOYMENT_PREIFIX"
-
-          cd yari/deployer
-
-          poetry run deployer upload \
-            --prefix="$DEPLOYMENT_PREIFIX" \
-            --default-cache-control 0 \
-            "$BUILD_OUT_ROOT"
diff --git a/.github/workflows/pr-review-companion.yml b/.github/workflows/pr-review-companion.yml
index 4a1fcf3f4921b73..08caeda6c4073a4 100644
--- a/.github/workflows/pr-review-companion.yml
+++ b/.github/workflows/pr-review-companion.yml
@@ -5,7 +5,11 @@
 
 name: PR review companion
 
-on: workflow_call
+on:
+  workflow_run:
+    workflows: ["PR Test"]
+    types:
+      - completed
 
 jobs:
   review:
@@ -16,6 +20,8 @@ jobs:
         with:
           name: build
           path: build
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          run-id: ${{ github.event.workflow_run.id }}
 
       - uses: actions/checkout@v4
         with:
diff --git a/.github/workflows/pr-test.yml b/.github/workflows/pr-test.yml
index 2c17a845c0fd751..45044a253eb8ffa 100644
--- a/.github/workflows/pr-test.yml
+++ b/.github/workflows/pr-test.yml
@@ -7,17 +7,13 @@
 name: PR Test
 
 on:
-  # The `GITHUB_TOKEN` in workflows triggered by the `pull_request_target` event
-  # is granted read/write repository access.
-  # Please pay attention to limit the permissions of each job!
-  # https://docs.github.com/actions/using-jobs/assigning-permissions-to-jobs
-  pull_request_target:
+  pull_request:
     branches:
       - main
 
 jobs:
   tests:
-    if: github.repository == 'mdn/content'
+    # if: github.repository == 'mdn/content'
     runs-on: ubuntu-latest
     # Set the permissions to `read-all`, preventing the workflow from
     # any accidental write access to the repository.
@@ -35,8 +31,6 @@ jobs:
 
     steps:
       - uses: actions/checkout@v4
-        with:
-          ref: "${{ env.HEAD_SHA }}"
 
       - name: Get changed files
         run: |
@@ -143,13 +137,3 @@ jobs:
 
           export CONTENT_ROOT=$(pwd)/files
           yarn filecheck ${{ env.GIT_DIFF_FILES }}
-
-  review:
-    needs: tests
-    if: ${{ needs.tests.outputs.has_assets }}
-    # write permissions are required to create a comment in the corresponding PR
-    permissions: write-all
-    uses: ./.github/workflows/pr-review-companion.yml
-    # inherit the secrets from the parent workflow
-    # https://docs.github.com/actions/using-workflows/reusing-workflows#using-inputs-and-secrets-in-a-reusable-workflow
-    secrets: inherit

From 51e06312ff9c3994a59c67b48b65697c06937bec Mon Sep 17 00:00:00 2001
From: Florian Dieminger <me@fiji-flo.de>
Date: Mon, 8 Apr 2024 16:23:13 +0200
Subject: [PATCH 2/2] test pr 1

---
 files/en-us/web/index.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/files/en-us/web/index.md b/files/en-us/web/index.md
index 48b7655a81a15f8..6b79e3115ccccf6 100644
--- a/files/en-us/web/index.md
+++ b/files/en-us/web/index.md
@@ -1,5 +1,5 @@
 ---
-title: Web technology for developers
+title: Does this work 🤷‍♂️
 slug: Web
 page-type: landing-page
 ---
@@ -8,6 +8,8 @@ page-type: landing-page
   {{ListSubpages("", 1, 0, 1)}}
 </section>
 
+> **Note:** YES it does.
+
 The open Web presents incredible opportunities for developers. To take full advantage of these technologies, you need to know how to use them. Below you'll find links to our Web technology documentation.
 
 ## Documentation for Web developers