-
Notifications
You must be signed in to change notification settings - Fork 55
156 lines (152 loc) · 6.54 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
name: Publish GitHub pages
# read-write repo token
# access to secrets
# based on https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
on:
workflow_run:
workflows: ["Build PR"]
types:
- completed
# avoid GitHub Pages deploy to overwrite another in progress job
concurrency:
group: dev_environment
cancel-in-progress: false
jobs:
publish:
runs-on: ubuntu-latest
if: >
${{ github.event.workflow_run.event == 'pull_request' }}
# github.event.workflow_run.conclusion == 'success'
steps:
- uses: actions/checkout@v2
with:
ref: 'gh-pages'
path: 'gh-pages'
- name: 'Download artifact'
uses: actions/[email protected]
with:
script: |
var artifacts = await github.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: ${{github.event.workflow_run.id }},
});
var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
return artifact.name == "website-output"
})[0];
var download = await github.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
archive_format: 'zip',
});
var fs = require('fs');
fs.writeFileSync('${{github.workspace}}/website-output.zip', Buffer.from(download.data));
- name: Extract built content from artifact
run: |
mkdir -p /tmp/website-output
unzip website-output.zip -d /tmp/website-output
- name: Get PR number from artifact
id: get_ticket
run: |
echo "::set-output name=NR::$(< /tmp/website-output/NR)"
echo "::set-output name=REPO::$(< /tmp/website-output/REPO)"
- name: Get PR ref
id: get_pull_request_ref
if: steps.get_ticket.outputs.NR != 'main'
uses: octokit/[email protected]
with:
route: GET /repos/:repository/pulls/:issue_id
repository: ${{ github.repository }}
issue_id: ${{ steps.get_ticket.outputs.NR }}
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- name: Create Deployment
id: create_deployment
if: steps.get_ticket.outputs.NR != 'main' && steps.get_ticket.outputs.REPO == github.repository
uses: octokit/[email protected]
with:
route: POST /repos/:repository/deployments
repository: ${{ steps.get_ticket.outputs.REPO }}
ref: ${{ fromJson(steps.get_pull_request_ref.outputs.data).head.ref }}
environment: dev
auto_merge: false
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- name: Move built content to gh-pages
env:
NR: ${{ steps.get_ticket.outputs.NR }}
run: |
echo "Issue Number: $NR"
[ -z "$NR" ] && exit 1
rm -rf gh-pages/$NR/
mkdir -p gh-pages/$NR/
cp -rfv /tmp/website-output/* gh-pages/$NR/
- name: Start Deployment (in progress)
id: start_deployment
if: steps.get_ticket.outputs.NR != 'main' && steps.get_ticket.outputs.REPO == github.repository
uses: octokit/[email protected]
with:
route: POST /repos/:repository/deployments/:deployment/statuses
repository: ${{ steps.get_ticket.outputs.REPO }}
deployment: ${{ fromJson(steps.create_deployment.outputs.data).id }}
environment: dev
environment_url: http://pyar.github.io/PyZombis/${{ steps.get_ticket.outputs.NR }}
log_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
state: in_progress
mediaType: '{"previews": ["flash", "ant-man"]}'
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- name: Publish generated content to GitHub Pages
uses: peaceiris/actions-gh-pages@v3
with:
publish_dir: gh-pages
publish_branch: gh-pages
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: 'Comment on PR'
if: github.ref != 'main'
uses: actions/github-script@v3
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
var fs = require('fs');
var issue_number = Number(fs.readFileSync('/tmp/website-output/NR'));
// if this is not a PR (merge to main build), do not comment:
if (issue_number > 0) {
await github.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: issue_number,
body: `Published to http://pyar.github.io/PyZombis/${issue_number}/index.html`
});
}
- name: Deployment success
id: successful_deployment
if: steps.get_ticket.outputs.NR != 'main' && steps.get_ticket.outputs.REPO == github.repository
uses: octokit/[email protected]
with:
route: POST /repos/:repository/deployments/:deployment/statuses
repository: ${{ steps.get_ticket.outputs.REPO }}
deployment: ${{ fromJson(steps.create_deployment.outputs.data).id }}
environment: dev
environment_url: http://pyar.github.io/PyZombis/${{ steps.get_ticket.outputs.NR }}
log_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
mediaType: '{"previews": ["ant-man"]}'
state: success
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- name: Deployment failure
id: failed_deployment
if: failure() && steps.get_ticket.outputs.NR != 'main' && steps.get_ticket.outputs.REPO == github.repository
uses: octokit/[email protected]
with:
route: POST /repos/:repository/deployments/:deployment/statuses
repository: ${{ steps.get_ticket.outputs.REPO }}
deployment: ${{ fromJson(steps.create_deployment.outputs.data).id }}
environment: dev
environment_url: http://pyar.github.io/PyZombis/${{ steps.get_ticket.outputs.NR }}
log_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
mediaType: '{"previews": ["ant-man"]}'
state: failure
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"