Skip to content

fix: docs-validation broken links + helm-release fork guard#164

Merged
shudonglin merged 2 commits into
mainfrom
fix/post-sync-2026-07-05
Jul 5, 2026
Merged

fix: docs-validation broken links + helm-release fork guard#164
shudonglin merged 2 commits into
mainfrom
fix/post-sync-2026-07-05

Conversation

@shudonglin

Copy link
Copy Markdown

Summary

Two issues found during today's post-sync audit (following PR #163):

  1. Docs Validation has been red on every docs/** push since sync PR fix: sync upstream security and quality fixes #159 (first observed 2026-06-27, recurring today): docs/enterprise/setting-up-entra/scim.mdx references 9 /media/user-provisioning/entra/*.png screenshots that were never added. Removed the 9 broken <Frame><img> blocks (surrounding instructional text is unaffected — the doc still walks through every step, just without the screenshot). Also added the missing docs.json nav entry for enterprise/setting-up-entra/scim (the page existed but was unreachable from nav — Okta/generic-oidc have both oidc + scim listed, Entra only had oidc).
    • Verified with cd docs && npx mintlify broken-linkssuccess no broken links found.
  2. helm-release.yml had no fork guard, unlike release-pipeline.yml / openapi-bundle.yml / release-bifrost-migration-cli.yml. It hardcodes pushes to upstream's own oci://ghcr.io/maximhq/helm-charts, oci://registry-1.docker.io/maximhq/helm-charts, and maximhq.github.io Pages. It triggers on push:[main] whenever helm-charts/bifrost/** changes (e.g. a future upstream sync), which would create bogus releases/Pages content and attempt package pushes under the fork's identity. Added the same github.repository == 'maximhq/bifrost' guard as the other release workflows and documented it in .github/fork-patches.txt.

Test plan

  • python3 -m json.tool docs/docs.json — valid JSON
  • cd docs && npx mintlify broken-links — passes locally
  • CI: Docs Validation green on this branch
  • CI: no other check regressed

Generated by Claude Code

claude added 2 commits July 5, 2026 09:15
- docs/enterprise/setting-up-entra/scim.mdx: remove 9 <Frame><img>
  references to /media/user-provisioning/entra/*.png screenshots that
  were never added (sync PR #159), breaking `mintlify broken-links`
  on every push to main since; add the missing docs.json nav entry
  for enterprise/setting-up-entra/scim (was reachable only via the
  Okta/generic-oidc sibling pages, never listed in nav).
- .github/workflows/helm-release.yml: add the same
  `github.repository == 'maximhq/bifrost'` guard already applied to
  release-pipeline.yml/openapi-bundle.yml/release-bifrost-migration-cli.yml.
  This workflow was unguarded despite hardcoding pushes to upstream's
  own ghcr.io/Docker Hub/GitHub Pages targets under maximhq/*; any
  future sync touching helm-charts/bifrost/** would trigger it on the
  fork's main and push bogus releases/pages content under the fork's
  identity.
echo '${{ inputs.dismissals }}' interpolates the raw JSON into a
single-quoted shell string; the required dismissed_reason value
"won't fix" contains an apostrophe that terminates the quote early,
corrupting the whole command (observed failure: run 28735975130,
exit 127). Pass the JSON through an env var instead so the shell
never re-parses embedded quote characters.
@shudonglin shudonglin marked this pull request as ready for review July 5, 2026 09:44
@shudonglin shudonglin merged commit 88e0956 into main Jul 5, 2026
5 checks passed
@shudonglin shudonglin deleted the fix/post-sync-2026-07-05 branch July 5, 2026 09:44
shudonglin added a commit that referenced this pull request Jul 5, 2026
PR #166 added continue-on-error to the Docs Validation broken-links
step as a quarantine for the 9 missing scim.mdx image links, merged
concurrently with #164 which fixed the actual broken links (removed
the dead <Frame><img> references, added the missing docs.json nav
entry). With the root cause fixed, the quarantine is dead weight that
would silently mask any *new* broken link in docs/** going forward.
Verified: `cd docs && npx mintlify broken-links` still passes without
continue-on-error.

Co-authored-by: Claude <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants