mirror of
https://github.com/Comfy-Org/ComfyUI_frontend.git
synced 2026-01-26 19:09:52 +00:00
* [feat] Fix CI workflow issues for forked PRs and improve test diagnostics

This commit addresses two critical blockers in the CI workflow:

1. **Cloudflare Token Access Issue**:
   - Added conditional deployment that skips Cloudflare Pages for forked PRs
   - Forked PRs now get artifact-based report access instead of live URLs
   - Maintains security by preventing secret access from external repos

2. **Test Startup Issues**:
   - Enhanced ComfyUI server startup with better diagnostics
   - Added server PID tracking and process status verification
   - Improved error messages and timeout handling

Additional improvements:
- Updated PR comment logic to handle both deployment scenarios
- Added FORK_TESTING.md documentation for contributors
- Enhanced deployment info handling for summary generation

Fixes #5207

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

* [feat] Implement pull_request_target deployment for forked PRs

Add secure deployment solution for Playwright reports from forked PRs using pull_request_target event.

Key Changes:
- Add deploy-playwright-reports.yaml workflow using pull_request_target
- Update test-ui.yaml to work with new deployment approach
- Add comprehensive security documentation

Security Features:
- No untrusted code execution (artifacts only)
- Follows GitHub security best practices
- Maintains full secret access for deployment
- Clear audit trail and logging

Fixes #5207

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

* [feat] Implement cost-optimized deployment with webhook triggers

Replace expensive polling mechanism with repository_dispatch webhooks to reduce GitHub Actions costs by 85%.

Key improvements:
- Remove 30-minute polling wait in deploy-playwright-reports.yaml
- Add repository_dispatch trigger for instant deployment activation
- Implement concurrency controls to prevent redundant deployments
- Add webhook trigger from test completion in test-ui.yaml
- Maintain security and forked PR support

Cost benefits:
- Eliminates 4 Ubuntu runners waiting up to 30min each
- Reduces API calls from 240+ to 1 per PR
- Event-driven architecture for better reliability
- No timeout risks or polling overhead

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

* [cleanup] Simplify PR testing approach per review feedback

- Revert enhanced ComfyUI server startup logging
- Remove complex fork handling and webhook triggers
- Simplify Cloudflare deployment to original approach
- Remove FORK_TESTING.md and PULL_REQUEST_TARGET_DEPLOYMENT.md files
- Remove deploy-playwright-reports.yaml workflow
- Documentation moved to PR comments for better visibility

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

* [feat] Implement workflow_run architecture for CI comment/deploy separation

Restructures CI workflows to use workflow_run triggers, improving forked PR support and simplifying core testing workflows.

- pr-playwright-comment.yaml - Comments Playwright test results after Tests CI completion
- pr-storybook-comment.yaml - Comments Storybook build status after Chromatic completion
- pr-playwright-deploy.yaml - Deploys Playwright reports with secret access after Tests CI completion
- chromatic.yaml - Removed all commenting logic, focused on Chromatic testing only
- test-ui.yaml - Removed deployment, commenting, and comment-summary job; focused on Playwright testing only

- ✅ Better forked PR support - workflow_run has access to secrets for deployment
- ✅ Cleaner separation of concerns - testing vs commenting/deployment
- ✅ Reduced complexity in core testing workflows
- ✅ Improved reliability for external contributors

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

* [feat] Implement workflow_run for both start and completion events

- Updated pr-playwright-comment.yaml to trigger on both 'requested' and 'completed' events
- Updated pr-storybook-comment.yaml to trigger on both 'requested' and 'completed' events
- Added conditional logic to post different messages for workflow start vs completion
- Added "Tests are starting..." message when workflows begin
- Added "Build is starting..." message for Storybook builds
- Maintained existing completion logic with full test results and reports

This allows users to see immediate feedback when their workflows start running, improving the user experience by providing real-time status updates.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

* [cleanup] Remove continue-on-error from comment workflows

Comment workflow failures should be visible rather than silently ignored. This allows better debugging when PR comments fail to post.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

* [feat] Add logging when no PR found in comment workflows

- Add explicit logging step when steps.pr.outputs.result == 'null'
- Shows branch name, workflow run ID, repository, and event details
- Improves debugging when workflow_run triggers but finds no open PR
- Helps identify issues with branch name matching or PR state

Previously these workflows would silently skip all steps when no PR was found, making it difficult to debug why comments weren't being posted.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

* Update workflow formatting

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

* [security] Implement security hardening for workflow_run workflows

- Add URL sanitization for deployment report links to prevent malicious URL injection
- Pin third-party GitHub Actions to commit hashes for supply chain security
- Add repository validation checks to prevent workflow misconfiguration
- Validate deployment URLs against pages.dev pattern before using in comments

Following security recommendations from code review to implement defense-in-depth.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

* [security] Pin only third-party actions to commit hashes

Keep official GitHub actions (actions/github-script, actions/download-artifact) pinned to version tags as they are trusted first-party actions, while only pinning third-party edumserrano/find-create-or-update-comment to commit hash for supply chain security.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

---------

Co-authored-by: Claude <noreply@anthropic.com>
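
The URL check named in the security-hardening commit above ("Validate deployment URLs against pages.dev pattern before using in comments"), written out as an added example; it is not code from this commit or from the ComfyUI_frontend repository. The function name `sanitizeDeploymentUrl`, the constant `ALLOWED_SUFFIX` and the specific rejection rules are assumptions. In a `workflow_run` job the report URL arrives in an artifact produced by the untrusted run, so it is parsed and matched on the hostname rather than by substring.

```javascript
// Added example (assumed names; not the project's implementation).
// Returns a normalized https URL on a *.pages.dev host, or null.
const ALLOWED_SUFFIX = '.pages.dev';

function sanitizeDeploymentUrl(raw) {
  if (typeof raw !== 'string') return null;
  const candidate = raw.trim();

  // Reject characters that could close a Markdown link, open HTML, or
  // smuggle a second line into the comment body.
  if (candidate.length > 2048 || /[\s<>()\[\]"'`\\]/.test(candidate)) return null;

  let url;
  try {
    url = new URL(candidate);
  } catch {
    return null; // not an absolute URL
  }

  if (url.protocol !== 'https:') return null;        // no http:, javascript:, data:
  if (url.username || url.password) return null;     // https://x.pages.dev@other.host/
  if (url.port) return null;                         // non-default port

  // Match on the parsed hostname: a substring test would accept
  // "pages.dev.attacker.example" and "evilpages.dev".
  const host = url.hostname;                         // already lower-cased by URL
  if (!host.endsWith(ALLOWED_SUFFIX)) return null;
  const labels = host.slice(0, -ALLOWED_SUFFIX.length).split('.');
  if (!labels.every((l) => /^[a-z0-9]([a-z0-9-]*[a-z0-9])?$/.test(l))) return null;

  // Drop query string and fragment; the report link does not need them.
  return url.origin + url.pathname;
}

// Constructed inputs for illustration only.
const samples = [
  'https://abc123.my-reports.pages.dev/index.html',
  'https://pages.dev.attacker.example/',
  'https://x.pages.dev@attacker.example/',
  'https://x.pages.dev/r)[click](https://attacker.example',
];
for (const s of samples) console.log(s, '->', sanitizeDeploymentUrl(s));
```
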
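
The pinning policy from the last commit above (third-party actions pinned to a commit hash, first-party `actions/*` left on version tags) can be enforced mechanically; the following audit is an added example, not code from this commit or repository. `auditActionPins`, `FIRST_PARTY_OWNERS` and the sample workflow are assumptions, and the tags and 40-hex value in the sample are constructed placeholders.

```javascript
// Added example (assumed names; not the project's code). A tag such as @v1
// can be moved to a different commit by the action's owner; a full 40-hex
// commit SHA cannot, which is why the policy requires it for third parties.
const FIRST_PARTY_OWNERS = new Set(['actions']);

function auditActionPins(workflowText) {
  const findings = [];
  workflowText.split('\n').forEach((line, index) => {
    // Match `uses: owner/repo[/path]@ref`, with or without a leading "- ".
    const match = line.match(/^\s*(?:-\s*)?uses:\s*['"]?([^'"\s#]+)/);
    if (!match) return;
    const ref = match[1];

    // Local actions and container images are outside this policy.
    if (ref.startsWith('./') || ref.startsWith('docker://')) return;

    const at = ref.lastIndexOf('@');
    if (at === -1) {
      findings.push({ line: index + 1, ref, issue: 'missing @ref' });
      return;
    }
    const owner = ref.slice(0, at).split('/')[0];
    const version = ref.slice(at + 1);
    const pinnedToSha = /^[0-9a-f]{40}$/.test(version);

    if (!FIRST_PARTY_OWNERS.has(owner) && !pinnedToSha) {
      findings.push({
        line: index + 1,
        ref,
        issue: 'third-party action not pinned to a commit SHA',
      });
    }
  });
  return findings;
}

// Constructed sample workflow; tags and the SHA are placeholders.
const SAMPLE_WORKFLOW = `
jobs:
  comment:
    steps:
      - uses: actions/download-artifact@v1
      - uses: actions/github-script@v1
      - uses: edumserrano/find-create-or-update-comment@v1
      - uses: edumserrano/find-create-or-update-comment@0123456789abcdef0123456789abcdef01234567 # v1
      - name: local action
        uses: ./.github/actions/setup
`;

console.log(auditActionPins(SAMPLE_WORKFLOW));
```
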