mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2024-12-18 04:14:37 -05:00
ci: Allow blog builds from unprivileged forks
This commit is contained in:
parent
155691f94b
commit
7c3424f001
18
.github/workflows/build-blog.yml
vendored
18
.github/workflows/build-blog.yml
vendored
@ -65,6 +65,10 @@ jobs:
|
|||||||
with:
|
with:
|
||||||
cache: "pipenv"
|
cache: "pipenv"
|
||||||
|
|
||||||
|
- name: Install Python (no pipenv)
|
||||||
|
if: ${{ !inputs.privileged }}
|
||||||
|
uses: actions/setup-python@v5
|
||||||
|
|
||||||
- name: Install Python Dependencies
|
- name: Install Python Dependencies
|
||||||
if: inputs.privileged
|
if: inputs.privileged
|
||||||
run: |
|
run: |
|
||||||
@ -72,10 +76,22 @@ jobs:
|
|||||||
pipenv install
|
pipenv install
|
||||||
sudo apt install pngquant
|
sudo apt install pngquant
|
||||||
|
|
||||||
- name: Build Website
|
- name: Install Python Dependencies (Unprivileged)
|
||||||
|
if: ${{ !inputs.privileged }}
|
||||||
|
run: |
|
||||||
|
pip install mkdocs-material mkdocs-rss-plugin mkdocs-glightbox mkdocs-macros-plugin
|
||||||
|
sudo apt install pngquant
|
||||||
|
|
||||||
|
- name: Build Website (Privileged)
|
||||||
|
if: inputs.privileged
|
||||||
run: |
|
run: |
|
||||||
pipenv run mkdocs build --config-file mkdocs.blog.yml
|
pipenv run mkdocs build --config-file mkdocs.blog.yml
|
||||||
|
|
||||||
|
- name: Build Website (Unprivileged)
|
||||||
|
if: ${{ !inputs.privileged }}
|
||||||
|
run: |
|
||||||
|
BUILD_INSIDERS=false mkdocs build --config-file mkdocs.blog.yml
|
||||||
|
|
||||||
- name: Package Website
|
- name: Package Website
|
||||||
run: |
|
run: |
|
||||||
tar -czf site-build-blog.tar.gz site
|
tar -czf site-build-blog.tar.gz site
|
||||||
|
14
.github/workflows/build-pr.yml
vendored
14
.github/workflows/build-pr.yml
vendored
@ -19,12 +19,19 @@ jobs:
|
|||||||
env:
|
env:
|
||||||
ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
|
ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
|
||||||
steps:
|
steps:
|
||||||
|
- name: Save PR metadata
|
||||||
|
run: |
|
||||||
|
mkdir -p ./metadata
|
||||||
|
echo ${{ github.event.number }} > ./metadata/NR
|
||||||
|
echo ${{ github.event.pull_request.head.sha }} > ./metadata/SHA
|
||||||
|
|
||||||
- name: Set submodules for fork
|
- name: Set submodules for fork
|
||||||
if: env.ACTIONS_SSH_KEY == ''
|
if: env.ACTIONS_SSH_KEY == ''
|
||||||
id: submodules-fork
|
id: submodules-fork
|
||||||
run: |
|
run: |
|
||||||
echo 'submodules={"repo":["brand","i18n"]}' >> "$GITHUB_OUTPUT"
|
echo 'submodules={"repo":["brand","i18n"]}' >> "$GITHUB_OUTPUT"
|
||||||
echo "privileged=false" >> "$GITHUB_OUTPUT"
|
echo "privileged=false" >> "$GITHUB_OUTPUT"
|
||||||
|
echo "false" > ./metadata/PRIVILEGED
|
||||||
|
|
||||||
- name: Set submodules for main repo
|
- name: Set submodules for main repo
|
||||||
if: env.ACTIONS_SSH_KEY != ''
|
if: env.ACTIONS_SSH_KEY != ''
|
||||||
@ -32,12 +39,7 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
echo 'submodules={"repo":["brand","i18n","mkdocs-material-insiders"]}' >> "$GITHUB_OUTPUT"
|
echo 'submodules={"repo":["brand","i18n","mkdocs-material-insiders"]}' >> "$GITHUB_OUTPUT"
|
||||||
echo "privileged=true" >> "$GITHUB_OUTPUT"
|
echo "privileged=true" >> "$GITHUB_OUTPUT"
|
||||||
|
echo "true" > ./metadata/PRIVILEGED
|
||||||
- name: Save PR metadata
|
|
||||||
run: |
|
|
||||||
mkdir -p ./metadata
|
|
||||||
echo ${{ github.event.number }} > ./metadata/NR
|
|
||||||
echo ${{ github.event.pull_request.head.sha }} > ./metadata/SHA
|
|
||||||
|
|
||||||
- name: Upload metadata as artifact
|
- name: Upload metadata as artifact
|
||||||
uses: actions/upload-artifact@v4
|
uses: actions/upload-artifact@v4
|
||||||
|
19
.github/workflows/publish-pr.yml
vendored
19
.github/workflows/publish-pr.yml
vendored
@ -22,6 +22,7 @@ jobs:
|
|||||||
outputs:
|
outputs:
|
||||||
pr_number: ${{ steps.metadata.outputs.pr_number }}
|
pr_number: ${{ steps.metadata.outputs.pr_number }}
|
||||||
sha: ${{ steps.metadata.outputs.sha }}
|
sha: ${{ steps.metadata.outputs.sha }}
|
||||||
|
privileged: ${{ steps.metadata.outputs.privileged }}
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Download Website Build Artifact
|
- name: Download Website Build Artifact
|
||||||
@ -86,6 +87,7 @@ jobs:
|
|||||||
unzip metadata.zip -d metadata
|
unzip metadata.zip -d metadata
|
||||||
echo "pr_number=$(cat metadata/NR)" >> "$GITHUB_OUTPUT"
|
echo "pr_number=$(cat metadata/NR)" >> "$GITHUB_OUTPUT"
|
||||||
echo "sha=$(cat metadata/SHA)" >> "$GITHUB_OUTPUT"
|
echo "sha=$(cat metadata/SHA)" >> "$GITHUB_OUTPUT"
|
||||||
|
echo "privileged=$(cat metadata/PRIVILEGED)" >> "$GITHUB_OUTPUT"
|
||||||
|
|
||||||
deploy_netlify:
|
deploy_netlify:
|
||||||
needs: metadata
|
needs: metadata
|
||||||
@ -122,6 +124,7 @@ jobs:
|
|||||||
address: ${{ needs.deploy_garage.outputs.address }}
|
address: ${{ needs.deploy_garage.outputs.address }}
|
||||||
steps:
|
steps:
|
||||||
- uses: thollander/actions-comment-pull-request@v2.5.0
|
- uses: thollander/actions-comment-pull-request@v2.5.0
|
||||||
|
if: ${{ needs.metadata.outputs.privileged == 'true' }}
|
||||||
with:
|
with:
|
||||||
pr_number: ${{ needs.metadata.outputs.pr_number }}
|
pr_number: ${{ needs.metadata.outputs.pr_number }}
|
||||||
message: |
|
message: |
|
||||||
@ -132,3 +135,19 @@ jobs:
|
|||||||
| <span aria-hidden="true">🔨</span> Latest commit | ${{ needs.metadata.outputs.sha }} |
|
| <span aria-hidden="true">🔨</span> Latest commit | ${{ needs.metadata.outputs.sha }} |
|
||||||
| <span aria-hidden="true">😎</span> Preview | ${{ env.address }} |
|
| <span aria-hidden="true">😎</span> Preview | ${{ env.address }} |
|
||||||
comment_tag: deployment
|
comment_tag: deployment
|
||||||
|
|
||||||
|
- uses: thollander/actions-comment-pull-request@v2.5.0
|
||||||
|
if: ${{ needs.metadata.outputs.privileged == 'false' }}
|
||||||
|
with:
|
||||||
|
pr_number: ${{ needs.metadata.outputs.pr_number }}
|
||||||
|
message: |
|
||||||
|
### <span aria-hidden="true">✅</span> Your preview is ready!
|
||||||
|
|
||||||
|
| Name | Link |
|
||||||
|
| :---: | ---- |
|
||||||
|
| <span aria-hidden="true">🔨</span> Latest commit | ${{ needs.metadata.outputs.sha }} |
|
||||||
|
| <span aria-hidden="true">😎</span> Preview | ${{ env.address }} |
|
||||||
|
|
||||||
|
Please note that this preview was built from an untrusted source, so it was not granted access to all mkdocs-material features.
|
||||||
|
Maintainers should ensure this PR has been reviewed locally with a full build before merging.
|
||||||
|
comment_tag: deployment
|
||||||
|
Loading…
Reference in New Issue
Block a user