privacyguides.org/.github/workflows/publish-pr.yml

154 lines
5.4 KiB
YAML
Raw Normal View History

2024-03-31 07:10:46 -04:00
name: 📦 PR Preview
2024-03-28 22:30:13 -04:00
on:
workflow_run:
workflows: [🛠️ Build PR Preview]
types:
- completed
2024-03-28 22:30:13 -04:00
permissions:
actions: read
2024-03-28 22:30:13 -04:00
contents: read
pull-requests: write
2024-03-28 22:30:13 -04:00
jobs:
metadata:
if: >
github.event.workflow_run.event == 'pull_request' &&
github.event.workflow_run.conclusion == 'success'
2024-03-28 22:30:13 -04:00
runs-on: ubuntu-latest
outputs:
pr_number: ${{ steps.metadata.outputs.pr_number }}
sha: ${{ steps.metadata.outputs.sha }}
privileged: ${{ steps.metadata.outputs.privileged }}
steps:
- name: Download Website Build Artifact
uses: actions/github-script@v7.0.1
with:
script: |
var artifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: ${{github.event.workflow_run.id }},
});
var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
return artifact.name == "site-build-combined"
})[0];
var download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
archive_format: 'zip',
});
var fs = require('fs');
fs.writeFileSync('${{github.workspace}}/site-build-combined.zip', Buffer.from(download.data));
- name: Unpack Website
run: |
mkdir -p site
unzip site-build-combined.zip -d site
tar -czvf site-build-combined.tar.gz site
- name: Upload Combined Build Artifact
uses: actions/upload-artifact@v4
with:
name: site-build-combined.tar.gz
path: site-build-combined.tar.gz
retention-days: 5
- name: Download Metadata Artifact
uses: actions/github-script@v7.0.1
with:
script: |
var artifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: ${{github.event.workflow_run.id }},
});
var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
return artifact.name == "metadata"
})[0];
var download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
archive_format: 'zip',
});
var fs = require('fs');
fs.writeFileSync('${{github.workspace}}/metadata.zip', Buffer.from(download.data));
- name: Set Metadata
id: metadata
run: |
mkdir -p metadata
unzip metadata.zip -d metadata
echo "pr_number=$(cat metadata/NR)" >> "$GITHUB_OUTPUT"
echo "sha=$(cat metadata/SHA)" >> "$GITHUB_OUTPUT"
echo "privileged=$(cat metadata/PRIVILEGED)" >> "$GITHUB_OUTPUT"
2024-03-28 22:30:13 -04:00
deploy_netlify:
needs: metadata
permissions:
contents: read
uses: privacyguides/webserver/.github/workflows/deploy-netlify-preview.yml@main
2024-03-28 22:30:13 -04:00
with:
netlify_alias: ${{ needs.metadata.outputs.pr_number }}
2024-03-31 07:10:46 -04:00
netlify_site_id: ${{ vars.NETLIFY_SITE }}
2024-03-28 22:30:13 -04:00
secrets:
NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
deploy_garage:
needs: metadata
permissions:
contents: read
uses: privacyguides/webserver/.github/workflows/deploy-garage-preview.yml@main
with:
alias: ${{ needs.metadata.outputs.pr_number }}
bucket: ${{ vars.PREVIEW_GARAGE_BUCKET }}
hostname: ${{ vars.PREVIEW_GARAGE_HOSTNAME }}
secrets:
PREVIEW_GARAGE_KEY_ID: ${{ secrets.PREVIEW_GARAGE_KEY_ID }}
PREVIEW_GARAGE_SECRET_KEY: ${{ secrets.PREVIEW_GARAGE_SECRET_KEY }}
2024-03-28 22:30:13 -04:00
comment:
permissions:
pull-requests: write
needs: [deploy_garage, metadata]
2024-03-28 22:30:13 -04:00
runs-on: ubuntu-latest
env:
address: ${{ needs.deploy_garage.outputs.address }}
2024-03-28 22:30:13 -04:00
steps:
- uses: thollander/actions-comment-pull-request@v2.5.0
if: ${{ needs.metadata.outputs.privileged == 'true' }}
2024-03-28 22:30:13 -04:00
with:
pr_number: ${{ needs.metadata.outputs.pr_number }}
2024-03-28 22:30:13 -04:00
message: |
### <span aria-hidden="true">✅</span> Your preview is ready!
| Name | Link |
| :---: | ---- |
| <span aria-hidden="true">🔨</span> Latest commit | ${{ needs.metadata.outputs.sha }} |
| <span aria-hidden="true">😎</span> Preview | ${{ env.address }} |
2024-03-28 22:30:13 -04:00
comment_tag: deployment
- uses: thollander/actions-comment-pull-request@v2.5.0
if: ${{ needs.metadata.outputs.privileged == 'false' }}
with:
pr_number: ${{ needs.metadata.outputs.pr_number }}
message: |
### <span aria-hidden="true">✅</span> Your preview is ready!
| Name | Link |
| :---: | ---- |
| <span aria-hidden="true">🔨</span> Latest commit | ${{ needs.metadata.outputs.sha }} |
| <span aria-hidden="true">😎</span> Preview | ${{ env.address }} |
Please note that this preview was built from an untrusted source, so it was not granted access to all mkdocs-material features.
Maintainers should ensure this PR has been reviewed locally with a full build before merging.
comment_tag: deployment