🔧 Fix GitHub Pages deployment permissions

kcharfi24 · kcharfi24 · commit 1aec6f74c2d9 · 2025-10-07T10:12:16.000+02:00
🐛 Fixed Issues:
- Added required permissions for actions/deploy-pages@v4
- Added id-token: write permission for OIDC token generation
- Added concurrency control for deployment jobs
- Fixed ACTIONS_ID_TOKEN_REQUEST_URL error

🔧 Changes Made:
- Added permissions block to deploy.yml
- Added concurrency control for branch-specific deployments
- Created test-deploy.yml for testing deployment setup
- Added PAGES_SETUP.md with complete setup instructions

📋 Required Permissions:
- contents: read (read repository contents)
- pages: write (deploy to GitHub Pages)
- id-token: write (generate OIDC tokens)

🧪 Testing:
- Created test-deploy.yml for safe testing
- Added environment-specific deployment
- Added verification steps

📚 Documentation:
- Complete GitHub Pages setup guide
- Troubleshooting common issues
- Security considerations
- Monitoring instructions
diff --git a/.github/PAGES_SETUP.md b/.github/PAGES_SETUP.md
@@ -0,0 +1,139 @@
+# 🚀 GitHub Pages Setup Guide
+
+## 🔧 **Required Setup Steps**
+
+### **1. Enable GitHub Pages**
+1. Go to your repository **Settings**
+2. Navigate to **Pages** section
+3. Under **Source**, select **"GitHub Actions"**
+4. Save the settings
+
+### **2. Create Deployment Environments**
+
+#### **Production Environment:**
+1. Go to **Settings** → **Environments**
+2. Click **"New environment"**
+3. Name: `github-pages`
+4. Click **"Configure environment"**
+5. Add protection rules if needed:
+   - ✅ **Required reviewers** (optional)
+   - ✅ **Wait timer** (optional)
+6. Click **"Save protection rules"**
+
+#### **Staging Environment:**
+1. Go to **Settings** → **Environments**
+2. Click **"New environment"**
+3. Name: `github-pages-staging`
+4. Click **"Configure environment"**
+5. Add protection rules if needed
+6. Click **"Save protection rules"**
+
+### **3. Verify Permissions**
+Ensure your repository has the following permissions:
+- ✅ **Actions** enabled
+- ✅ **Pages** enabled
+- ✅ **Contents** read access
+- ✅ **Metadata** read access
+
+## 🧪 **Test Deployment**
+
+### **Run Test Workflow:**
+```bash
+# Test staging deployment
+gh workflow run test-deploy.yml -f test_environment=staging
+
+# Test production deployment
+gh workflow run test-deploy.yml -f test_environment=production
+```
+
+### **Check Deployment Status:**
+```bash
+# View workflow runs
+gh run list --workflow=test-deploy.yml
+
+# View specific run
+gh run view <run-id> --log
+```
+
+## 🔍 **Troubleshooting**
+
+### **Common Issues:**
+
+#### **1. "Unable to get ACTIONS_ID_TOKEN_REQUEST_URL"**
+**Solution:** Ensure the workflow has the correct permissions:
+```yaml
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+```
+
+#### **2. "Environment not found"**
+**Solution:** Create the required environments:
+- `github-pages` (for production)
+- `github-pages-staging` (for staging)
+
+#### **3. "Pages build failed"**
+**Solution:** Check the build output and ensure:
+- All required files are present
+- No build errors
+- Proper file structure
+
+#### **4. "Permission denied"**
+**Solution:** Verify repository settings:
+- Actions are enabled
+- Pages are enabled
+- Correct source is selected
+
+## 📋 **Deployment Workflow**
+
+### **Automatic Deployment:**
+- **Push to `main`** → Deploys to production
+- **Push to `next`** → Deploys to staging
+- **Manual trigger** → Choose environment
+
+### **Manual Deployment:**
+```bash
+# Deploy to production
+gh workflow run deploy.yml -f environment=production
+
+# Deploy to staging
+gh workflow run deploy.yml -f environment=staging
+```
+
+## 🔒 **Security Considerations**
+
+### **Environment Protection:**
+- **Production:** Consider adding required reviewers
+- **Staging:** Can be auto-deployed
+- **Secrets:** Store in environment-specific secrets if needed
+
+### **Branch Protection:**
+- Require pull request reviews
+- Require status checks
+- Require up-to-date branches
+
+## 📊 **Monitoring**
+
+### **Check Deployment Status:**
+1. Go to **Actions** tab
+2. Find your deployment workflow
+3. Check the logs for any errors
+4. Verify the deployment URL
+
+### **View Deployed Site:**
+- **Production:** `https://khalilcharfi.github.io`
+- **Staging:** `https://khalilcharfi.github.io` (next branch)
+
+## 🎯 **Next Steps**
+
+1. ✅ **Enable GitHub Pages** in repository settings
+2. ✅ **Create environments** (github-pages, github-pages-staging)
+3. ✅ **Test deployment** using test-deploy.yml
+4. ✅ **Verify permissions** are correct
+5. ✅ **Run main deployment** workflow
+
+---
+
+*Follow these steps to set up GitHub Pages deployment* 🚀
+*Last updated: $(date)*
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -12,6 +12,15 @@ on:
         type: choice
         options: [production, staging]
 
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+concurrency:
+  group: "pages-${{ github.ref_name }}"
+  cancel-in-progress: false
+
 env:
   NODE_VERSION: '22'
   ULTRA_LIGHT: true
diff --git a/.github/workflows/test-deploy.yml b/.github/workflows/test-deploy.yml
@@ -0,0 +1,84 @@
+name: 🧪 Test Deploy
+
+on:
+  workflow_dispatch:
+    inputs:
+      test_environment:
+        description: 'Test environment'
+        required: true
+        default: 'staging'
+        type: choice
+        options: [staging, production]
+
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+concurrency:
+  group: "test-pages-${{ github.ref_name }}"
+  cancel-in-progress: false
+
+env:
+  NODE_VERSION: '22'
+
+jobs:
+  test-deploy:
+    name: 🧪 Test Deployment
+    runs-on: ubuntu-latest
+    environment:
+      name: ${{ inputs.test_environment == 'production' && 'github-pages' || 'github-pages-staging' }}
+    
+    steps:
+      - name: ⚡ Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+      
+      - name: ⚡ Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: 'npm'
+      
+      - name: ⚡ Install dependencies
+        run: npm ci --prefer-offline --no-audit --no-fund --silent
+      
+      - name: ⚡ Build project
+        run: npm run build:prod
+        env:
+          NODE_ENV: production
+      
+      - name: ⚡ Create test page
+        run: |
+          echo "<!DOCTYPE html>
+          <html>
+          <head>
+            <title>Test Deploy - $(date)</title>
+            <meta charset='utf-8'>
+          </head>
+          <body>
+            <h1>🚀 Test Deployment Successful!</h1>
+            <p>Environment: ${{ inputs.test_environment }}</p>
+            <p>Branch: ${{ github.ref_name }}</p>
+            <p>Commit: ${{ github.sha }}</p>
+            <p>Time: $(date -u)</p>
+            <p>This is a test deployment to verify GitHub Pages setup.</p>
+          </body>
+          </html>" > dist/index.html
+      
+      - name: ⚡ Upload artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: './dist'
+      
+      - name: ⚡ Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4
+      
+      - name: ⚡ Verify deployment
+        run: |
+          echo "🚀 Test deployment completed!"
+          echo "Environment: ${{ inputs.test_environment }}"
+          echo "URL: ${{ steps.deployment.outputs.page_url }}"
+          echo "✅ GitHub Pages deployment test successful!"
