Add basic API auth #304
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and deploy | |
on: | |
push: | |
paths: | |
- "src/**/*" | |
- "_config.ts" | |
- "CNAME" | |
- "deps.ts" | |
- ".rebuild" # same ^^ | |
- ".github/workflows/deploy.yml" | |
env: | |
DENO_VERSION: v1.40.3 | |
BUILD_ARTIFACT: johan.im-build | |
BUILD_FOLDER: build | |
MASTODON_LOG_FILE: .mastodon-notes | |
NOTES_DIR: src/notes | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Setup Deno | |
uses: denoland/setup-deno@v1 | |
with: | |
deno-version: ${{ env.DENO_VERSION }} | |
- name: Build site | |
run: deno task build | |
env: | |
NODE_ENV: production | |
ENV: production | |
- name: Upload build | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.BUILD_ARTIFACT }} | |
path: ${{ env.BUILD_FOLDER }} | |
retention-days: 1 | |
deploy: | |
name: Deploy | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Download build | |
uses: actions/download-artifact@v4 | |
with: | |
name: ${{ env.BUILD_ARTIFACT }} | |
path: ${{ env.BUILD_FOLDER }} | |
- name: Deploy to GitHub Pages | |
if: github.ref_name == 'main' | |
uses: JamesIves/github-pages-deploy-action@v4 | |
with: | |
# The branch the action should deploy to. | |
branch: gh-pages | |
# The folder the action should deploy. | |
folder: ${{ env.BUILD_FOLDER }} | |
- name: Purge Cloudflare cache | |
if: github.ref_name == 'main' | |
uses: jakejarvis/cloudflare-purge-action@master | |
env: | |
CLOUDFLARE_ZONE: ${{ secrets.CLOUDFLARE_ZONE }} | |
CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }} | |
check_latest_note: | |
name: Check latest note | |
runs-on: ubuntu-latest | |
outputs: | |
do_post: ${{ steps.mastodon_note_check.outputs.do_post }} | |
latest_note_id: ${{ steps.mastodon_note_check.outputs.latest_note_id }} | |
latest_note_path: ${{ steps.mastodon_note_check.outputs.latest_note_path }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Check if latest note is already posted | |
id: mastodon_note_check | |
run: | | |
latest="$NOTES_DIR/$(ls -r1 "$NOTES_DIR" | grep -v "_" | head -n 1)" | |
note_id=$(./script/check-mastodon-note.sh "$latest") | |
[ -z "$note_id" ] && echo "Latest note $latest is posted. Bail." || echo "Latest note $latest is not posted. Do post." | |
[ ! -z "$note_id" ] && echo "do_post=true" >> "$GITHUB_OUTPUT" | |
echo "latest_note_id=$note_id" >> "$GITHUB_OUTPUT" | |
echo "latest_note_path=$latest" >> "$GITHUB_OUTPUT" | |
cat "$GITHUB_OUTPUT" | |
env: | |
NOTES_DIR: ${{ env.NOTES_DIR }} | |
post_mastodon: | |
name: Post to Mastodon | |
needs: [deploy, check_latest_note] # can't send post with permalink until site is deployed | |
runs-on: ubuntu-latest | |
if: needs.check_latest_note.outputs.do_post == 'true' | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Wait for site to deploy | |
timeout-minutes: 5 | |
run: ./script/wait-for-status.sh "$LATEST_NOTE_PATH" | |
env: | |
LATEST_NOTE_PATH: ${{ needs.check_latest_note.outputs.latest_note_path }} | |
- name: Setup Deno | |
uses: denoland/setup-deno@v1 | |
with: | |
deno-version: ${{ env.DENO_VERSION }} | |
- name: Post to Mastodon API | |
run: deno run --allow-net --allow-read --allow-write --allow-env script/mastodon.ts "$LATEST_NOTE_PATH" | |
env: | |
MASTODON_ACCESS_TOKEN: ${{ secrets.MASTODON_ACCESS_TOKEN }} | |
LATEST_NOTE_PATH: ${{ needs.check_latest_note.outputs.latest_note_path }} | |
- name: Write to log | |
run: | | |
echo "$LATEST_UNPOSTED" >> $MASTODON_LOG_FILE | |
cat "$MASTODON_LOG_FILE" | |
env: | |
MASTODON_LOG_FILE: ${{ env.MASTODON_LOG_FILE }} | |
LATEST_UNPOSTED: ${{ needs.check_latest_note.outputs.latest_note_id }} | |
- name: Commit and push posted notes | |
run: | | |
git config user.name "Automated" | |
git config user.email "[email protected]" | |
git add $MASTODON_LOG_FILE | |
timestamp=$(date -u) | |
git commit -m "Latest post to Mastodon: $timestamp [skip-ci]" || exit 0 | |
git push | |
env: | |
MASTODON_LOG_FILE: ${{ env.MASTODON_LOG_FILE }} |