-
Notifications
You must be signed in to change notification settings - Fork 8
133 lines (127 loc) · 5.22 KB
/
site-deployment.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: "GitHub Pages Deployment"
# This GitHub Action workflow triggers in two scenarios -
# 1. When a push is made to the main branch
# 2. When a pull request is either opened, synchronized, reopened,
# or closed, and the target is the main branch. If the change
# is just to the podcast_audio file, then it is ignored.
on:
push:
branches:
- main
- staging
paths-ignore:
- 'podcast_audio/**'
pull_request:
types: [opened, synchronize, reopened, closed]
branches:
- main
- staging
paths-ignore:
- 'podcast_audio/**'
schedule:
- cron: '0 0 * * 0'
workflow_dispatch:
# The workflow has several phases. Phases 1, 2 and 3 run on a push, or if the pull request activity
# type is not 'closed'.
#
# 1. A validation phase, which is split into two separate jobs that run in parallel.
# 1.1 A set of steps that compress images
# 1.2 A set of steps that lint the markdown contents of the website
#
# 2. Build the Static Website by using the Hugo CLI.
#
# 3. Deploy the website to Azure Static Web Apps
# 3.1 If the workflow was triggered by a pull request (not a closed activity), then publish the static assets
# to the static web app. This is associated with the GitHub Actions staging.azure environment.
# 3.2 If the workflow was triggered by a push to main, then publish the static assets to the static
# web app. This is associated with the GitHub Actions production.azure environment, so requires manual approval.
#
# 4 If the workflow was triggered by a Pull Request close event, then close the staging sites which are open.
# Environment variables used for consistency across the workflow.
env:
HUGO_VERSION: '0.122.0'
jobs:
# A set of steps used to compress the images, making sure that images are compressed ahead of publishing to the site.
# This is done to make sure that the browsing experience remains speedy.
compressor:
if: github.event_name == 'pull_request' && github.event.action != 'closed'
uses: CloudWithChris/Reusable-Workflows/.github/workflows/compress-images.yaml@main
with:
friendly_environment: Compress
secrets:
githubtoken: ${{ secrets.GITHUB_TOKEN }}
# A set of steps used to lint the markdown files used to generate the content.
# This is done to make sure there are consistent standards being adopted when writing the material.
# These standards are configured in the /.github/linters folder of the repository.
lint:
if: github.event_name == 'push' || (github.event.pull_request.head.repo.full_name == github.repository && github.event.action != 'closed')
uses: CloudWithChris/Reusable-Workflows/.github/workflows/lint-static-content.yaml@main
with:
friendly_environment: Linter
secrets:
githubtoken: ${{ secrets.GITHUB_TOKEN }}
# A set of steps used to render the website from the markdown, theme and assets into the HTML, CSS, JS and images that are delivered to a user.
build:
if: github.event_name == 'push' || (github.event.pull_request.head.repo.full_name == github.repository && github.event.action != 'closed')
runs-on: ubuntu-latest
permissions:
contents: 'read'
id-token: 'write'
steps:
- uses: actions/checkout@v4
with:
submodules: 'true'
- name: 'Dependency Review'
if: github.event_name == 'pull_request' && github.event.action != 'closed'
uses: actions/dependency-review-action@v3
- name: 'Install Node Dependencies'
run: npm ci
- name: 'Setup Hugo on Runner'
uses: peaceiris/actions-hugo@v3
with:
hugo-version: ${{ env.HUGO_VERSION }}
extended: true
- name: Setup Pages
id: pages
uses: actions/configure-pages@v3
- id: 'auth'
name: 'Authenticate to Google Cloud'
uses: 'google-github-actions/auth@v1'
with:
workload_identity_provider: '${{ secrets.GH_GOOGLE_FED_PROVIDER }}'
service_account: '${{ secrets.GA_API_SERVICE_ACC_EMAIL}}'
- run: |
npm install @google-analytics/data
- uses: actions/github-script@v6
env:
GA_TRACKING_ID: ${{ secrets.GA_TRACKING_ID }}
with:
script: |
const script = require('.github/workflows/scripts/google-analytics.js')
await script({github, context, core})
- name: 'Update cache version for Service Worker'
working-directory: 'static'
run: |
sed -i "s/GITHUB_TOKEN_FOR_SW_CACHE_VERSION/$GITHUB_SHA/" sw.js
- name: 'Build and Minify Hugo Contents'
run: hugo --minify --baseURL "${{ steps.pages.outputs.base_url }}/"
- name: Upload artifact
uses: actions/upload-pages-artifact@v2
with:
path: ./public
# Deployment job
deploy:
if: github.ref == 'refs/heads/main' || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
permissions:
contents: read
pages: write
id-token: write
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
runs-on: ubuntu-latest
needs: build
steps:
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v2