feat: add auot build main module docs yml

[wuyiping0628]

PR

PR Checklist

Please check if your PR fulfills the following requirements:

• The commit message follows our Commit Message Guidelines
• Tests for the changes have been added (for bug fixes / features)
• Docs have been added / updated (for bug fixes / features)

PR Type

What kind of change does this PR introduce?

• Bugfix
• Feature
• Code style update (formatting, local variables)
• Refactoring (no functional changes, no api changes)
• Build related changes
• CI related changes
• Documentation content changes
• Other... Please describe:

What is the current behavior?

Issue Number: N/A

What is the new behavior?

Does this PR introduce a breaking change?

• Yes
• No

Other information

Summary by CodeRabbit

• Chores
  • Added an automated CI workflow to build and verify the main documentation on pull requests and pushes to the dev branch; PR status is updated with pass/fail and the workflow always reports the final outcome.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Adds a GitHub Actions workflow that triggers on pull requests and pushes to the dev branch to checkout repositories and submodules, install dependencies with pnpm, build the docs site, and report build status to the PR.

Changes

Cohort / File(s)	Summary
GitHub Actions workflow .github/workflows/auto-build-main-module-docs.yml	New workflow that runs on pull_request and push to dev. Sets up SSH agent, checks out the submodule and main docs repo (with submodule sync and PR head checkout), configures pnpm (v9), runs pnpm i and pnpm build in the docs directory, and updates PR status with success/failure.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant GH as GitHub Actions
  participant Runner as Ubuntu Runner
  participant SSH as SSH Agent
  participant GitHubRepo as Tiny-Vue Submodule Repo
  participant DocsRepo as Main Docs Repo
  participant PNPM as pnpm Build

  GH->>Runner: trigger on pull_request / push (dev)
  Runner->>SSH: start agent using SUBMODULE_SSH_KEY
  Runner->>GitHubRepo: checkout submodule (fetch-depth:0, PR head)
  Runner->>DocsRepo: clone docs repo, sync & init submodules
  Runner->>GitHubRepo: update submodule ref (commit if needed)
  Runner->>PNPM: setup pnpm v9
  Runner->>PNPM: run `pnpm i` then `pnpm build` in docs
  PNPM-->>Runner: build success / failure
  Runner->>GH: update PR status (success or failure)

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Review focus:
  • SSH key usage and permissions for submodule checkout
  • Correctness of checkout steps (fetch-depth, PR head handling)
  • pnpm setup/version and build commands
  • Status update and error handling steps

Poem

🐰 A tiny rabbit hops to build the docs,
Keys click-clack while submodules unlock,
Packages install and pages wake,
A PR lights up for celebration's sake,
Hooray—the pipeline hums and hops! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title contains a typo ('auot' instead of 'auto') and is only partially related to the main change, which is adding a GitHub Actions workflow for automatic documentation building.	Correct the typo to 'feat: add auto build main module docs yml' for clarity and professionalism.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (2)

.github/workflows/auto-build-main-module-docs.yml (2)

12-14: Permission pull-requests: write is granted but not utilized.

The workflow declares pull-requests: write permission but never actually updates the PR status via the GitHub API. The "Update PR status" step only prints to the console.

If you intend to post build results to the PR, consider using an action like actions/github-script or the GitHub CLI:

- name: Update PR status
  if: always() && github.event_name == 'pull_request'
  uses: actions/github-script@v7
  with:
    script: |
      const status = '${{ job.status }}' === 'success' ? '✅ 主仓库构建成功' : '❌ 主仓库构建失败';
      github.rest.issues.createComment({
        issue_number: context.issue.number,
        owner: context.repo.owner,
        repo: context.repo.repo,
        body: status
      });

Otherwise, remove the unused permission.

---

50-53: Consider specifying Node.js version for consistency.

While pnpm version 9 is specified, no Node.js version is set. This relies on the default Node.js version in ubuntu-latest, which may change over time.

Add a Node.js setup step before pnpm:

    - name: Setup Node.js
      uses: actions/setup-node@v4
      with:
        node-version: '20'  # or your preferred version
        
    - name: Setup pnpm
      uses: pnpm/action-setup@v3
      with:
        version: 9

📜 Review details

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f018f4f and e11d946.

📒 Files selected for processing (1)

• .github/workflows/auto-build-main-module-docs.yml (1 hunks)

🧰 Additional context used

🪛 actionlint (1.7.9)

.github/workflows/auto-build-main-module-docs.yml

27-27: "github.head_ref" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/reference/security/secure-use#good-practices-for-mitigating-script-injection-attacks for more details

(expression)

🔇 Additional comments (2)

.github/workflows/auto-build-main-module-docs.yml (2)

20-24: Checkout configuration looks good.

Using fetch-depth: 0 ensures full git history is available, which is appropriate for submodule operations.

---

55-60: Build commands look appropriate.

The build steps correctly use the working-directory and execute standard pnpm commands.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (3)

.github/workflows/auto-build-main-module-docs.yml (3)

3-7: Workflow will fail on push events due to missing branch reference.

This issue was previously flagged: github.head_ref on line 39 is only available for pull_request events, not push events. The workflow needs to either remove the push trigger or handle both event types differently.

---

36-41: Script injection vulnerability using untrusted input.

This issue was previously flagged: Using ${{ github.head_ref }} directly in shell script creates a script injection risk. The fix is to pass it through an environment variable.

---

47-48: Git commit will fail without user configuration.

This issue was previously flagged: The git commit command requires user identity configuration in the Actions runner.

🧹 Nitpick comments (1)

.github/workflows/auto-build-main-module-docs.yml (1)

63-72: Consider renaming step to match its actual behavior.

The step is named "Update PR status" but only logs messages to the workflow console. It doesn't create PR comments or update GitHub status checks via the API, despite having pull-requests: write permission.

Consider renaming to better reflect its purpose:

-    - name: Update PR status
+    - name: Report build status
       if: always()

📜 Review details

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e11d946 and a698cec.

📒 Files selected for processing (1)

• .github/workflows/auto-build-main-module-docs.yml (1 hunks)

🧰 Additional context used

🪛 actionlint (1.7.9)

.github/workflows/auto-build-main-module-docs.yml

27-27: "github.head_ref" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/reference/security/secure-use#good-practices-for-mitigating-script-injection-attacks for more details

(expression)

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Quote the workflow expression in shell test for robustness.

The unquoted expression ${{ steps.build.outcome }} could cause a syntax error if the value is empty or contains unexpected characters.

Apply this diff:

-        if [ ${{ steps.build.outcome }} == 'success' ]; then
+        if [ "${{ steps.build.outcome }}" == "success" ]; then

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	if [ ${{ steps.build.outcome }} == 'success' ]; then
	if [ "${{ steps.build.outcome }}" == "success" ]; then

🤖 Prompt for AI Agents

.github/workflows/auto-build-main-module-docs.yml around line 67: the shell test
uses an unquoted workflow expression (${{
steps.build.outcome }}) which can cause syntax errors if empty or contains
spaces; update the test to wrap the expression in quotes so the shell sees a
single word (e.g., quote the substituted value on both sides of the comparison)
to make the condition robust and prevent failures when the variable is empty or
has special characters.