Skip to content
Build and deploy HUGO website

Skip automatic deployment job if secrets aren't set (especially for forks) #86

Sign in to view logs

Skip automatic deployment job if secrets aren't set (especially for forks)

Skip automatic deployment job if secrets aren't set (especially for forks) #86

Workflow file for this run

.github/workflows/build_and_deploy.yml at 9fdb456
name: Build and deploy HUGO website
on:
# Runs on pull requests to check that the website is building without errors
pull_request:
# Runs on push/merge to main to deploy the new website
# Only run if the push updates website sources
push:
paths:
- src/**
branches:
- main
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
# Build job
build:
runs-on: ubuntu-latest
steps:
# Checkout repo AND ITS SUBMODULES
- name: πŸ›’ Checkout
uses: actions/checkout@v3
with:
submodules: recursive
# Build the static website with the provided docker-compose rules
- name: πŸ› οΈ Build with HUGO
run: |
docker compose up builder --exit-code-from builder
# Upload build artifacts for deployment or download
- name: πŸš€ Upload Artifacts
uses: actions/upload-artifact@v3
with:
name: build
path: ./build/blog
# Deployment job: heavily inspired from https://swharden.com/blog/2022-03-20-github-actions-hugo/
# /!\ only triggers on push events AND on repos provinding required secrets
deploy:
needs: [build]
## Required secrets:
# - SSH_KNOWN_HOSTS
# - PRIVATE_SSH_KEY
# - CI_USER_NAME
# - STATIC_WEBSITE_PATH
env:
HAVE_REQUIRED_SECRETS: ${{ secrets.SSH_KNOWN_HOSTS != '' && secrets.PRIVATE_SSH_KEY != '' && secrets.CI_USER_NAME != '' && secrets.STATIC_WEBSITE_PATH != '' }}
if: env.HAVE_REQUIRED_SECRETS == 'true'

Check failure on line 52 in .github/workflows/build_and_deploy.yml

View workflow run for this annotation

GitHub Actions / Build and deploy HUGO website

Invalid workflow file 

The workflow is not valid. .github/workflows/build_and_deploy.yml (Line: 52, Col: 9): Unrecognized named-value: 'env'. Located at position 1 within expression: env.HAVE_REQUIRED_SECRETS == 'true'
runs-on: ubuntu-latest
steps:
- name: πŸ› οΈ Setup build directory
run: |
mkdir -p build/blog
- name: πŸ“₯ Download build Artifacts
uses: actions/download-artifact@v3
with:
name: build
path: build/blog
# Create the SSH key file and fill the known_hosts to avoid a prompt from ssh (1st time connecting to remote host)
- name: πŸ” Create Key File
run: |
mkdir ~/.ssh
touch ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
- name: πŸ” Load Host Keys
run: |
echo "${{ secrets.SSH_KNOWN_HOSTS }}" > ~/.ssh/known_hosts
- name: πŸ”‘ Populate Key
run: |
echo "${{ secrets.PRIVATE_SSH_KEY }}" > ~/.ssh/id_rsa
# Upload the build to the remote server location: the volume shared by the nginx container serving http requests
# - name: πŸš€ Upload
# run: |
# rsync --archive --stats --verbose --delete ./build/blog/* ${{ secrets.CI_USER_NAME }}@iscsc.fr:${{ secrets.STATIC_WEBSITE_PATH}}
# Finally notify of the new article (if any) on the iScsc discord server
notify:
needs: [deploy]
runs-on: ubuntu-latest
steps:
# Checkout repo, no need to checkout submodule
- name: πŸ›’ Checkout
uses: actions/checkout@v3
# Get the list of added, changed, removed, and renamed files
- name: πŸ“‘ Get changed files
uses: jitterbit/get-changed-files@v1
id: files
with:
format: space-delimited
- name: Print changed files...
run: |
echo "All:"
echo "${{ steps.files.outputs.all }}"
echo "Added:"
echo "${{ steps.files.outputs.added }}"
echo "Removed:"
echo "${{ steps.files.outputs.removed }}"
echo "Renamed:"
echo "${{ steps.files.outputs.renamed }}"
echo "Modified:"
echo "${{ steps.files.outputs.modified }}"
echo "Added+Modified:"
echo "${{ steps.files.outputs.added_modified }}"
- name: πŸ“¨ Notify on Discord
run: |
python3 -m pip install requests PyYAML
python3 ./scripts/new_article.py ${{ steps.files.outputs.added }}