name: 📦 PR Preview on: workflow_run: workflows: [🛠️ Build PR Preview] types: - completed permissions: actions: read contents: read pull-requests: write jobs: metadata: if: > github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success' runs-on: ubuntu-latest outputs: pr_number: ${{ steps.metadata.outputs.pr_number }} sha: ${{ steps.metadata.outputs.sha }} privileged: ${{ steps.metadata.outputs.privileged }} steps: - name: Download Website Build Artifact uses: actions/github-script@v7.0.1 with: script: | var artifacts = await github.rest.actions.listWorkflowRunArtifacts({ owner: context.repo.owner, repo: context.repo.repo, run_id: ${{github.event.workflow_run.id }}, }); var matchArtifact = artifacts.data.artifacts.filter((artifact) => { return artifact.name == "site-build-combined" })[0]; var download = await github.rest.actions.downloadArtifact({ owner: context.repo.owner, repo: context.repo.repo, artifact_id: matchArtifact.id, archive_format: 'zip', }); var fs = require('fs'); fs.writeFileSync('${{github.workspace}}/site-build-combined.zip', Buffer.from(download.data)); - name: Unpack Website run: | mkdir -p site unzip site-build-combined.zip -d site tar -czvf site-build-combined.tar.gz site - name: Upload Combined Build Artifact uses: actions/upload-artifact@v4 with: name: site-build-combined.tar.gz path: site-build-combined.tar.gz retention-days: 5 - name: Download Metadata Artifact uses: actions/github-script@v7.0.1 with: script: | var artifacts = await github.rest.actions.listWorkflowRunArtifacts({ owner: context.repo.owner, repo: context.repo.repo, run_id: ${{github.event.workflow_run.id }}, }); var matchArtifact = artifacts.data.artifacts.filter((artifact) => { return artifact.name == "metadata" })[0]; var download = await github.rest.actions.downloadArtifact({ owner: context.repo.owner, repo: context.repo.repo, artifact_id: matchArtifact.id, archive_format: 'zip', }); var fs = require('fs'); fs.writeFileSync('${{github.workspace}}/metadata.zip', Buffer.from(download.data)); - name: Set Metadata id: metadata run: | mkdir -p metadata unzip metadata.zip -d metadata echo "pr_number=$(cat metadata/NR)" >> "$GITHUB_OUTPUT" echo "sha=$(cat metadata/SHA)" >> "$GITHUB_OUTPUT" echo "privileged=$(cat metadata/PRIVILEGED)" >> "$GITHUB_OUTPUT" deploy_netlify: needs: metadata permissions: contents: read uses: privacyguides/webserver/.github/workflows/deploy-netlify-preview.yml@main with: netlify_alias: ${{ needs.metadata.outputs.pr_number }} netlify_site_id: ${{ vars.NETLIFY_SITE }} secrets: NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }} deploy_garage: needs: metadata permissions: contents: read uses: privacyguides/webserver/.github/workflows/deploy-garage-preview.yml@main with: alias: ${{ needs.metadata.outputs.pr_number }} bucket: ${{ vars.PREVIEW_GARAGE_BUCKET }} hostname: ${{ vars.PREVIEW_GARAGE_HOSTNAME }} secrets: PREVIEW_GARAGE_KEY_ID: ${{ secrets.PREVIEW_GARAGE_KEY_ID }} PREVIEW_GARAGE_SECRET_KEY: ${{ secrets.PREVIEW_GARAGE_SECRET_KEY }} comment: permissions: pull-requests: write needs: [deploy_garage, metadata] runs-on: ubuntu-latest env: address: ${{ needs.deploy_garage.outputs.address }} steps: - uses: thollander/actions-comment-pull-request@v2.5.0 if: ${{ needs.metadata.outputs.privileged == 'true' }} with: pr_number: ${{ needs.metadata.outputs.pr_number }} message: | ### Your preview is ready! | Name | Link | | :---: | ---- | | Latest commit | ${{ needs.metadata.outputs.sha }} | | Preview | ${{ env.address }} | comment_tag: deployment - uses: thollander/actions-comment-pull-request@v2.5.0 if: ${{ needs.metadata.outputs.privileged == 'false' }} with: pr_number: ${{ needs.metadata.outputs.pr_number }} message: | ### Your preview is ready! | Name | Link | | :---: | ---- | | Latest commit | ${{ needs.metadata.outputs.sha }} | | Preview | ${{ env.address }} | Please note that this preview was built from an untrusted source, so it was not granted access to all mkdocs-material features. Maintainers should ensure this PR has been reviewed locally with a full build before merging. comment_tag: deployment