privacyguides · jonaharagon · Apr 10, 2024 · Apr 10, 2024
diff --git a/.cache/plugin/social/fonts b/.cache/plugin/social/fonts
@@ -0,0 +1 @@
+../../../theme/assets/brand/fonts
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -4,5 +4,5 @@
 	"name": "Privacy Guides",
 	"image": "ghcr.io/squidfunk/mkdocs-material:9.5.17",
 	"forwardPorts": [8000],
-  "postCreateCommand": "git submodule init; git submodule update theme/assets/brand; mkdocs serve --dev-addr=0.0.0.0:8000 --config-file config/mkdocs.en.yml"
+  "postCreateCommand": "git submodule init; git submodule update theme/assets/brand; mkdocs serve --dev-addr=0.0.0.0:8000"
 }
diff --git a/.devcontainer/team/devcontainer.json b/.devcontainer/team/devcontainer.json
@@ -4,5 +4,5 @@
 	"name": "Privacy Guides Team",
 	"image": "ghcr.io/privacyguides/privacyguides.org:main",
 	"forwardPorts": [8000],
-  "postCreateCommand": "git submodule init; git submodule update theme/assets/brand; MKDOCS_INHERIT=mkdocs-production.yml mkdocs serve --dev-addr=0.0.0.0:8000 --config-file config/mkdocs.en.yml"
+  "postCreateCommand": "git submodule init; git submodule update theme/assets/brand; mkdocs serve --dev-addr=0.0.0.0:8000 --config-file mkdocs-production.yml"
 }
@@ -1,8 +1,7 @@
-#
 name: ☁️ Build Container
 
 # Configures this workflow to run every time a change is pushed to the branch called `release`.
 on:
  push:
    branches: ["main"]
  release:

@@ -0,0 +1,116 @@
+name: 🛠️ Build PR Preview
+
+on:
+  pull_request:
+
+concurrency:
+  group: ${{github.event.pull_request.head.ref}}
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+
+jobs:
+  metadata:
+    runs-on: ubuntu-latest
+    outputs:
+      submodules: ${{ steps.submodules-fork.outputs.submodules || steps.submodules-main.outputs.submodules }}
+      privileged: ${{ steps.submodules-fork.outputs.privileged || steps.submodules-main.outputs.privileged }}
+    env:
+      ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
+    steps:
+      - name: Set submodules for fork
+        if: env.ACTIONS_SSH_KEY == ''
+        id: submodules-fork
+        run: |
+          echo 'submodules={"repo":["brand","i18n"]}' >> "$GITHUB_OUTPUT"
+          echo "privileged=false" >> "$GITHUB_OUTPUT"
+
+      - name: Set submodules for main repo
+        if: env.ACTIONS_SSH_KEY != ''
+        id: submodules-main
+        run: |
+          echo 'submodules={"repo":["brand","i18n","mkdocs-material-insiders"]}' >> "$GITHUB_OUTPUT"
+          echo "privileged=true" >> "$GITHUB_OUTPUT"
+
+      - name: Save PR metadata
+        run: |
+          mkdir -p ./metadata
+          echo ${{ github.event.number }} > ./metadata/NR
+          echo ${{ github.event.pull_request.head.sha }} > ./metadata/SHA
+
+      - name: Upload metadata as artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: metadata
+          path: metadata
+
+  submodule:
+    needs: metadata
+    strategy:
+      matrix: ${{ fromJson(needs.metadata.outputs.submodules) }}
+    uses: privacyguides/.github/.github/workflows/download-repo.yml@main
+    with:
+      repo: ${{ matrix.repo }}
+      privileged: ${{ fromJSON(needs.metadata.outputs.privileged) }}
+    secrets:
+      ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
+
+  build_english:
+    needs: [submodule, metadata]
+    strategy:
+      matrix:
+        lang: [en]
+      fail-fast: true
+    uses: ./.github/workflows/build.yml
+    with:
+      ref: ${{github.event.pull_request.head.ref}}
+      repo: ${{github.event.pull_request.head.repo.full_name}}
+      lang: en
+      continue-on-error: false
+      privileged: ${{ fromJSON(needs.metadata.outputs.privileged) }}
+
+  build_i18n:
+    if: ${{ contains(github.event.pull_request.labels.*.name, 'ci:build i18n') }}
+    needs: [submodule, metadata]
+    strategy:
+      matrix:
+        lang: [es, fr, he, it, nl, ru, zh-Hant]
+      fail-fast: false
+    uses: ./.github/workflows/build.yml
+    with:
+      ref: ${{github.event.pull_request.head.ref}}
+      repo: ${{github.event.pull_request.head.repo.full_name}}
+      lang: ${{ matrix.lang }}
+      continue-on-error: true
+      privileged: ${{ fromJSON(needs.metadata.outputs.privileged) }}
+
+  combine_build:
+    needs: [build_english, build_i18n]
+    if: |
+      (always() && !cancelled() && !failure()) &&
+      needs.build_english.result == 'success' &&
+      (needs.build_i18n.result == 'success' || needs.build_i18n.result == 'skipped')
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/download-artifact@v4
+        with:
+          pattern: site-build-*
+          merge-multiple: true
+
+      - run: |
+          for file in *.tar.gz; do tar -zxf "$file"; done
+          ls -la site/
+
+      - name: Upload Site
+        uses: actions/upload-artifact@v4
+        with:
+          name: site-build-combined
+          path: site
+          retention-days: 5
+
+  cleanup:
+    if: ${{ always() }}
+    needs: [build_english, build_i18n]
+    uses: privacyguides/.github/.github/workflows/cleanup.yml@main