GitHub Pages Deployment #1006
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "GitHub Pages Deployment" | |
# This GitHub Action workflow triggers in two scenarios - | |
# 1. When a push is made to the main branch | |
# 2. When a pull request is either opened, synchronized, reopened, | |
# or closed, and the target is the main branch. If the change | |
# is just to the podcast_audio file, then it is ignored. | |
on: | |
push: | |
branches: | |
- main | |
- staging | |
paths-ignore: | |
- 'podcast_audio/**' | |
pull_request: | |
types: [opened, synchronize, reopened, closed] | |
branches: | |
- main | |
- staging | |
paths-ignore: | |
- 'podcast_audio/**' | |
schedule: | |
- cron: '0 0 * * 0' | |
workflow_dispatch: | |
# The workflow has several phases. Phases 1, 2 and 3 run on a push, or if the pull request activity | |
# type is not 'closed'. | |
# | |
# 1. A validation phase, which is split into two separate jobs that run in parallel. | |
# 1.1 A set of steps that compress images | |
# 1.2 A set of steps that lint the markdown contents of the website | |
# | |
# 2. Build the Static Website by using the Hugo CLI. | |
# | |
# 3. Deploy the website to Azure Static Web Apps | |
# 3.1 If the workflow was triggered by a pull request (not a closed activity), then publish the static assets | |
# to the static web app. This is associated with the GitHub Actions staging.azure environment. | |
# 3.2 If the workflow was triggered by a push to main, then publish the static assets to the static | |
# web app. This is associated with the GitHub Actions production.azure environment, so requires manual approval. | |
# | |
# 4 If the workflow was triggered by a Pull Request close event, then close the staging sites which are open. | |
# Environment variables used for consistency across the workflow. | |
env: | |
HUGO_VERSION: '0.122.0' | |
jobs: | |
# A set of steps used to compress the images, making sure that images are compressed ahead of publishing to the site. | |
# This is done to make sure that the browsing experience remains speedy. | |
compressor: | |
if: github.event_name == 'pull_request' && github.event.action != 'closed' | |
uses: CloudWithChris/Reusable-Workflows/.github/workflows/compress-images.yaml@main | |
with: | |
friendly_environment: Compress | |
secrets: | |
githubtoken: ${{ secrets.GITHUB_TOKEN }} | |
# A set of steps used to lint the markdown files used to generate the content. | |
# This is done to make sure there are consistent standards being adopted when writing the material. | |
# These standards are configured in the /.github/linters folder of the repository. | |
lint: | |
if: github.event_name == 'push' || (github.event.pull_request.head.repo.full_name == github.repository && github.event.action != 'closed') | |
uses: CloudWithChris/Reusable-Workflows/.github/workflows/lint-static-content.yaml@main | |
with: | |
friendly_environment: Linter | |
secrets: | |
githubtoken: ${{ secrets.GITHUB_TOKEN }} | |
# A set of steps used to render the website from the markdown, theme and assets into the HTML, CSS, JS and images that are delivered to a user. | |
build: | |
if: github.event_name == 'push' || (github.event.pull_request.head.repo.full_name == github.repository && github.event.action != 'closed') | |
runs-on: ubuntu-latest | |
permissions: | |
contents: 'read' | |
id-token: 'write' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: 'true' | |
- name: 'Dependency Review' | |
if: github.event_name == 'pull_request' && github.event.action != 'closed' | |
uses: actions/dependency-review-action@v3 | |
- name: 'Install Node Dependencies' | |
run: npm ci | |
- name: 'Setup Hugo on Runner' | |
uses: peaceiris/actions-hugo@v2 | |
with: | |
hugo-version: ${{ env.HUGO_VERSION }} | |
extended: true | |
- name: Setup Pages | |
id: pages | |
uses: actions/configure-pages@v3 | |
- id: 'auth' | |
name: 'Authenticate to Google Cloud' | |
uses: 'google-github-actions/auth@v1' | |
with: | |
workload_identity_provider: '${{ secrets.GH_GOOGLE_FED_PROVIDER }}' | |
service_account: '${{ secrets.GA_API_SERVICE_ACC_EMAIL}}' | |
- run: | | |
npm install @google-analytics/data | |
- uses: actions/github-script@v6 | |
env: | |
GA_TRACKING_ID: ${{ secrets.GA_TRACKING_ID }} | |
with: | |
script: | | |
const script = require('.github/workflows/scripts/google-analytics.js') | |
await script({github, context, core}) | |
- name: 'Update cache version for Service Worker' | |
working-directory: 'static' | |
run: | | |
sed -i "s/GITHUB_TOKEN_FOR_SW_CACHE_VERSION/$GITHUB_SHA/" sw.js | |
- name: 'Build and Minify Hugo Contents' | |
run: hugo --minify --baseURL "${{ steps.pages.outputs.base_url }}/" | |
- name: Upload artifact | |
uses: actions/upload-pages-artifact@v2 | |
with: | |
path: ./public | |
# Deployment job | |
deploy: | |
if: github.ref == 'refs/heads/main' || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' | |
permissions: | |
contents: read | |
pages: write | |
id-token: write | |
environment: | |
name: github-pages | |
url: ${{ steps.deployment.outputs.page_url }} | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- name: Deploy to GitHub Pages | |
id: deployment | |
uses: actions/deploy-pages@v2 |