From c822236f9757fd301e855950ba58920dee562e7f Mon Sep 17 00:00:00 2001 From: Jonah Aragon Date: Thu, 28 Mar 2024 21:30:13 -0500 Subject: [PATCH] Add Pull Request deployment workflow --- .github/workflows/build.yml | 104 ++++++++++++++++++++++++++++ .github/workflows/cleanup.yml | 49 +++++++++++++ .github/workflows/deploy.yml | 69 ++++++++++++++++++ .github/workflows/download-repo.yml | 48 +++++++++++++ .github/workflows/preview-pr.yml | 83 ++++++++++++++++++++++ 5 files changed, 353 insertions(+) create mode 100644 .github/workflows/build.yml create mode 100644 .github/workflows/cleanup.yml create mode 100644 .github/workflows/deploy.yml create mode 100644 .github/workflows/download-repo.yml create mode 100644 .github/workflows/preview-pr.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000000..02cc3a85c7 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,104 @@ +# Copyright (c) 2024 Jonah Aragon + +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to +# deal in the Software without restriction, including without limitation the +# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or +# sell copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: + +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS +# IN THE SOFTWARE. + +name: Build Website + +on: + workflow_call: + inputs: + ref: + required: true + type: string + repo: + required: true + type: string + lang: + required: true + type: string + i18n: + required: true + type: boolean + +jobs: + build: + runs-on: ubuntu-latest + continue-on-error: ${{ inputs.i18n }} + permissions: + contents: read + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + repository: ${{ inputs.repo }} + ref: ${{ inputs.ref }} + persist-credentials: 'false' + + - uses: actions/download-artifact@v4 + with: + path: modules + + - run: | + rmdir modules/mkdocs-material + mv modules/mkdocs-material-insiders modules/mkdocs-material + rmdir theme/assets/brand + mv modules/brand theme/assets/brand + + - if: inputs.i18n + run: | + cp -rl modules/i18n/i18n . + cp -rl modules/i18n/includes . + cp -rl modules/i18n/theme . + + - name: Python setup + uses: actions/setup-python@v5 + with: + python-version: '3.8' + cache: 'pipenv' + + - name: Cache files + uses: actions/cache@v4.0.2 + with: + key: ${{ inputs.ref }} + path: .cache + + - name: Install Python dependencies + run: | + pip install pipenv + pipenv install + sudo apt install pngquant + + - name: Build website + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CARDS: false + CONTEXT: deploy-preview + NETLIFY: true + run: | + pipenv run mkdocs build --config-file config/mkdocs.${{ inputs.lang }}.yml + cp -r static/* site/ + pipenv run mkdocs --version + tar -czvf site-build-${{ inputs.lang }}.tar.gz site + + - name: Upload tar.gz file + uses: actions/upload-artifact@v4 + with: + name: site-build-${{ inputs.lang }}.tar.gz + path: site-build-${{ inputs.lang }}.tar.gz diff --git a/.github/workflows/cleanup.yml b/.github/workflows/cleanup.yml new file mode 100644 index 0000000000..edb70251f7 --- /dev/null +++ b/.github/workflows/cleanup.yml @@ -0,0 +1,49 @@ +# Copyright (c) 2024 Jonah Aragon + +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to +# deal in the Software without restriction, including without limitation the +# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or +# sell copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: + +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS +# IN THE SOFTWARE. + +name: Cleanup Artifacts + +on: + workflow_call: + +jobs: + brand: + runs-on: ubuntu-latest + steps: + - uses: geekyeggo/delete-artifact@v5 + with: + name: brand + failOnError: false + + i18n: + runs-on: ubuntu-latest + steps: + - uses: geekyeggo/delete-artifact@v5 + with: + name: i18n + failOnError: false + + mkdocs-material-insiders: + runs-on: ubuntu-latest + steps: + - uses: geekyeggo/delete-artifact@v5 + with: + name: mkdocs-material-insiders + failOnError: false diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000000..9b4694ebc3 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,69 @@ +# Copyright (c) 2024 Jonah Aragon + +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to +# deal in the Software without restriction, including without limitation the +# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or +# sell copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: + +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS +# IN THE SOFTWARE. + +name: Cleanup Artifacts + +on: + workflow_call: + inputs: + netlify: + type: boolean + netlify_alias: + type: string + secrets: + netlify_token: + netlify_site: + outputs: + netlify_address: + value: ${{ jobs.netlify.outputs.address }} + +jobs: + netlify: + if: inputs.netlify + runs-on: ubuntu-latest + outputs: + address: ${{ steps.deployment.outputs.address }} + + steps: + - uses: actions/download-artifact@v4 + with: + pattern: site-build-* + merge-multiple: true + + - run: | + for file in *.tar.gz; do tar -zxf "$file"; done + wget https://raw.githubusercontent.com/privacyguides/privacyguides.org/main/netlify.toml + ls -la site/ + + - uses: actions/setup-node@v4 + + - run: | + npm install netlify-cli -g + + - name: Limit length of Netlify alias to 12 + run: echo "SHORT_ALIAS=`echo ${{github.event.pull_request.head.sha}} | cut -c1-12`" >> $GITHUB_ENV + + - id: deployment + env: + NETLIFY_SITE_ID: ${{ secrets.netlify_site }} + NETLIFY_AUTH_TOKEN: ${{ secrets.netlify_token }} + run: | + netlify deploy --dir=site --alias=${{ env.SHORT_ALIAS }} + echo "address=https://${{ env.SHORT_ALIAS }}--${{ secrets.netlify_site }}.netlify.app/" >> "$GITHUB_OUTPUT" diff --git a/.github/workflows/download-repo.yml b/.github/workflows/download-repo.yml new file mode 100644 index 0000000000..3765b0df38 --- /dev/null +++ b/.github/workflows/download-repo.yml @@ -0,0 +1,48 @@ +# Copyright (c) 2024 Jonah Aragon + +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to +# deal in the Software without restriction, including without limitation the +# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or +# sell copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: + +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS +# IN THE SOFTWARE. + +name: Download repository + +on: + workflow_call: + inputs: + repo: + required: true + type: string + secrets: + ACTIONS_SSH_KEY: + required: true + +jobs: + download: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + repository: 'privacyguides/${{ inputs.repo }}' + path: ${{ inputs.repo }} + ssh-key: ${{ secrets.ACTIONS_SSH_KEY }} + + - uses: actions/upload-artifact@v4 + with: + name: ${{ inputs.repo }} + path: ${{ inputs.repo }} + retention-days: 1 diff --git a/.github/workflows/preview-pr.yml b/.github/workflows/preview-pr.yml new file mode 100644 index 0000000000..f0743371d8 --- /dev/null +++ b/.github/workflows/preview-pr.yml @@ -0,0 +1,83 @@ +# Copyright (c) 2024 Jonah Aragon + +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to +# deal in the Software without restriction, including without limitation the +# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or +# sell copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: + +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS +# IN THE SOFTWARE. + +name: Build Pull Request Preview + +on: + pull_request_target: + +jobs: + downloadSubmodules: + strategy: + matrix: + repo: [mkdocs-material-insiders, brand, i18n] + uses: ./.github/workflows/download-repo.yml + with: + repo: ${{ matrix.repo }} + secrets: + ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }} + + build: + needs: downloadSubmodules + strategy: + matrix: + lang: [es, fr, he, it, nl, ru, zh-Hant] + i18n: [true] + include: + - lang: en + i18n: false + fail-fast: false + permissions: + contents: read + uses: ./.github/workflows/build.yml + with: + ref: ${{github.event.pull_request.head.ref}} + repo: ${{github.event.pull_request.head.repo.full_name}} + lang: ${{ matrix.lang }} + i18n: ${{ matrix.i18n }} + + deploy: + needs: build + uses: ./.github/workflows/deploy.yml + with: + netlify: true + netlify_alias: ${{github.event.pull_request.head.sha}} + secrets: + netlify_site: ${{ secrets.NETLIFY_SITE_PR }} + netlify_token: ${{ secrets.NETLIFY_TOKEN }} + + comment: + permissions: + pull-requests: write + needs: deploy + runs-on: ubuntu-latest + steps: + - name: Add SHORT_SHA env property with commit short sha + run: echo "SHORT_SHA=`echo ${{github.event.pull_request.head.sha}} | cut -c1-12`" >> $GITHUB_ENV + + - uses: thollander/actions-comment-pull-request@v2 + with: + message: | + This is a test :eyes: ${{ needs.deploy.outputs.netlify_address }} + comment_tag: deployment + + cleanup: + needs: deploy + uses: ./.github/workflows/cleanup.yml