chore/update-cloudfront-action

[ivan-angjelkoski]

This pull request updates the S3 deployment workflow in actions/deploy/s3-cloudfront/action.yml to improve asset caching strategies and refine which files are uploaded or excluded in each deployment step. The changes focus on better separation of immutable, cacheable, and no-cache assets, and ensure more precise cache-control headers for different asset types.

Asset upload and cache control improvements:

• Added a dedicated step to upload immutable Nuxt assets (.output/public/_nuxt/) to S3 with a long-term, immutable cache-control header, and excluded unnecessary files (e.g., source maps, builds, manifest).
• Refined the static assets upload step to exclude all Nuxt assets and additional files (e.g., HTML, maps, payloads), and set an appropriate cache-control header for cacheable assets.
• Updated the HTML and no-cache files upload step to include payload files and set stricter no-cache headers (no-cache,max-age=0) for HTML and other frequently changing files.
• Improved the stale asset deletion step by expanding exclusions and aligning cache-control headers with the updated asset strategy.

These changes help ensure that assets are cached appropriately in browsers and CDNs, reducing unnecessary re-downloads and improving site performance, while ensuring that frequently changing files are always

Summary by CodeRabbit

Chores

• Optimized static asset deployment workflow with improved caching strategy for enhanced performance and faster content delivery.

[coderabbitai]

📝 Walkthrough

Walkthrough

The composite GitHub Action for S3/CloudFront deployment is updated to replace a single generic asset upload sync with four targeted sync steps, each applying specific cache-control headers and include/exclude filters. The stale-asset deletion step is revised and a separate aws s3 rm command is added to remove *.map files.

Changes

S3/CloudFront deploy upload phase split

Layer / File(s)	Summary
Immutable and cacheable static asset uploads actions/deploy/s3-cloudfront/action.yml	Adds a dedicated sync for _nuxt/ assets with immutable cache-control, and a second sync for cacheable statics from .output/public/ (excluding _nuxt/*, HTML, maps, and SEO files) with long-lived public cache-control.
HTML and no-cache payload uploads actions/deploy/s3-cloudfront/action.yml	Reworks HTML and payload uploads into two include-driven sync calls applying no-cache,max-age=0: one for *.html and payload JSON, one for _nuxt build/manifest files and site metadata.
Stale asset deletion and map file removal actions/deploy/s3-cloudfront/action.yml	Updates the --delete sync with revised include/exclude lists and removes prior --expires usage; adds a separate aws s3 rm --recursive --include "*.map" command for map file cleanup.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐇 Hoppity-hop, the assets align,
Each cache-control header now perfectly fine.
Immutable chunks get a long-lived stay,
No-cache for HTML — fresh every day!
Maps swept away with a tidy rm,
The rabbit deploys with great vim! 🌟

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title is vague and generic, using only 'chore/update-cloudfront-action' without conveying what specifically was improved in the cloudfront action.	Consider using a more specific title like 'Refactor S3/CloudFront deployment with granular asset caching strategies' or 'Split asset uploads into immutable, cacheable, and no-cache categories'.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/update-cloudfront-action

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@actions/deploy/s3-cloudfront/action.yml`:
- Around line 71-83: The aws s3 sync command with --delete flag at lines 71-83
excludes files like *.html, _payload.json, and _nuxt/* that are uploaded
separately in lines 49-67, causing stale artifacts to persist in S3 when removed
from new builds. Either create a dedicated aws s3 sync command with --delete
that explicitly includes (rather than excludes) the no-cache file patterns
matching lines 49-67 with appropriate no-cache headers, or remove the exclusions
(--exclude "*.html", --exclude "*/_payload.json", --exclude "_nuxt/*", etc.)
from this sync command so those objects properly participate in deletion when
removed from the build. The goal is to ensure that deleted routes and assets are
actually removed from S3 instead of remaining as stale artifacts.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 6bf2e1cc-1222-4ad2-8f64-2a047881a005

📥 Commits

Reviewing files that changed from the base of the PR and between ccb3457 and 1c33b49.

📒 Files selected for processing (1)

• actions/deploy/s3-cloudfront/action.yml

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Stale no-cache artifacts are never removed from S3.

The only --delete sync excludes *.html, _payload.json, site metadata, and all _nuxt/*, while those paths are uploaded in Lines 49-67 without --delete. Removed routes/assets from new builds will remain in S3 and can continue to be served.

Use a dedicated --delete sync for the no-cache include set (same include patterns as Lines 49-67, with no-cache headers), or narrow this exclusion set so those objects participate in deletion safely.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@actions/deploy/s3-cloudfront/action.yml` around lines 71 - 83, The aws s3
sync command with --delete flag at lines 71-83 excludes files like *.html,
_payload.json, and _nuxt/* that are uploaded separately in lines 49-67, causing
stale artifacts to persist in S3 when removed from new builds. Either create a
dedicated aws s3 sync command with --delete that explicitly includes (rather
than excludes) the no-cache file patterns matching lines 49-67 with appropriate
no-cache headers, or remove the exclusions (--exclude "*.html", --exclude
"*/_payload.json", --exclude "_nuxt/*", etc.) from this sync command so those
objects properly participate in deletion when removed from the build. The goal
is to ensure that deleted routes and assets are actually removed from S3 instead
of remaining as stale artifacts.