-
Notifications
You must be signed in to change notification settings - Fork 8
131 lines (118 loc) · 4.76 KB
/
build_and_deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: Build and deploy HUGO website
on:
# Runs on pull requests to check that the website is building without errors
pull_request:
# Runs on push/merge to main to deploy the new website
# Only run if the push updates website sources
push:
paths:
- src/**
branches:
- main
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
# Build job
build:
runs-on: ubuntu-latest
steps:
- name: Debug
run: |
echo "github.event.repository.fork = ${{ github.event.repository.fork }}"
echo "github.event_name = ${{ github.event_name }}"
# Checkout repo AND ITS SUBMODULES
- name: 🛒 Checkout
uses: actions/checkout@v3
with:
submodules: recursive
# Build the static website with the provided docker-compose rules
- name: 🛠️ Build with HUGO
run: |
docker compose up builder --exit-code-from builder
# Upload build artifacts for deployment or download
- name: 🚀 Upload Artifacts
uses: actions/upload-artifact@v3
with:
name: prod-build
path: ./build/blog/prod
# Deployment job: heavily inspired from https://swharden.com/blog/2022-03-20-github-actions-hugo/
# /!\ only triggers on (push events AND NOT fork repos) OR manually triggered
## Required secrets:
# - SSH_KNOWN_HOSTS
# - PRIVATE_SSH_KEY
# - CI_USER_NAME
# - REPO_PATH_ON_REMOTE
deploy:
needs: [build]
# DISCLAIMER:
# The following is a very POOR solution to avoid *failing deploy step* due to missing secrets
# on fork repositories, but sadly the `env` context is not accessible from `jobs.<job_id>.if`:
# https://docs.github.com/en/actions/learn-github-actions/contexts#context-availability
#
# If for any reason you want to trigger this step on your fork remove the following line,
# trigger manually or open an issue https://github.com/iScsc/blog.iscsc.fr/issues,
# we'll find a better way to skip this step.
if: ${{ (github.event_name == 'push' && ! github.event.repository.fork) || github.event_name == 'workflow_dispatch' }}
runs-on: ubuntu-latest
steps:
- name: 🛠️ Setup build directory
run: |
mkdir -p build/blog/prod
- name: 📥 Download build Artifacts
uses: actions/download-artifact@v3
with:
name: prod-build
path: build/blog/prod
# Create the SSH key file and fill the known_hosts to avoid a prompt from ssh (1st time connecting to remote host)
- name: 🔐 Create Key File
run: |
mkdir ~/.ssh
touch ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
- name: 🔐 Load Host Keys
run: |
echo "${{ secrets.SSH_KNOWN_HOSTS }}" > ~/.ssh/known_hosts
- name: 🔑 Populate Key
run: |
echo "${{ secrets.PRIVATE_SSH_KEY }}" > ~/.ssh/id_rsa
# Upload the build to the remote server location: the volume shared by the nginx container serving http requests
- name: 🚀 Upload
run: |
rsync --archive --stats --verbose --delete ./build/blog/prod/* ${{ secrets.CI_USER_NAME }}@iscsc.fr:${{ secrets.REPO_PATH_ON_REMOTE }}/build/blog/prod
- name: ⏬ Remote git pull
run: |
ssh ${{ secrets.CI_USER_NAME }}@iscsc.fr /usr/bin/bash ${{ secrets.REPO_PATH_ON_REMOTE }}/scripts/remote_git_pull.sh ${{ secrets.REPO_PATH_ON_REMOTE }}
# Finally notify of the new article (if any) on the iScsc discord server
# action jitterbit/get-changed-files@v1 doesn't support 'workflow_dispatch' events: https://github.com/jitterbit/get-changed-files/issues/38
notify:
needs: [deploy]
if: ${{ github.event_name != 'workflow_dispatch' }}
runs-on: ubuntu-latest
steps:
# Checkout repo, no need to checkout submodule
- name: 🛒 Checkout
uses: actions/checkout@v3
# Get the list of added, changed, removed, and renamed files
- name: 📑 Get changed files
uses: jitterbit/get-changed-files@v1
id: files
with:
format: space-delimited
- name: Print changed files...
run: |
echo "All:"
echo "${{ steps.files.outputs.all }}"
echo "Added:"
echo "${{ steps.files.outputs.added }}"
echo "Removed:"
echo "${{ steps.files.outputs.removed }}"
echo "Renamed:"
echo "${{ steps.files.outputs.renamed }}"
echo "Modified:"
echo "${{ steps.files.outputs.modified }}"
echo "Added+Modified:"
echo "${{ steps.files.outputs.added_modified }}"
- name: 📨 Notify on Discord
run: |
python3 -m pip install requests PyYAML
python3 ./scripts/new_article.py ${{ steps.files.outputs.added }}