From f19cc37b680bf664a2500d60399d2c08cb9baef3 Mon Sep 17 00:00:00 2001 From: Jonah Aragon Date: Sat, 30 Mar 2024 19:12:48 -0500 Subject: [PATCH] Use GitHub Actions instead of Netlify --- .github/workflows/build-offline.yml | 106 ++++++++++++++++++++ .github/workflows/build.yml | 11 ++- .github/workflows/deploy.yml | 61 +++++++++--- .github/workflows/download-repo.yml | 8 +- .github/workflows/mirror.yml | 9 -- .github/workflows/preview-pr.yml | 4 +- .github/workflows/release.yml | 148 +++++++++------------------- 7 files changed, 213 insertions(+), 134 deletions(-) create mode 100644 .github/workflows/build-offline.yml diff --git a/.github/workflows/build-offline.yml b/.github/workflows/build-offline.yml new file mode 100644 index 0000000000..cb449813af --- /dev/null +++ b/.github/workflows/build-offline.yml @@ -0,0 +1,106 @@ +# Copyright (c) 2024 Jonah Aragon + +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to +# deal in the Software without restriction, including without limitation the +# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or +# sell copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: + +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS +# IN THE SOFTWARE. + +name: Build Offline Website + +on: + workflow_call: + +jobs: + build: + runs-on: ubuntu-latest + permissions: + contents: read + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + persist-credentials: 'false' + + - uses: actions/download-artifact@v4 + with: + pattern: repo-* + path: modules + + - run: | + rmdir modules/mkdocs-material + mv modules/repo-mkdocs-material-insiders modules/mkdocs-material + rmdir theme/assets/brand + mv modules/repo-brand theme/assets/brand + + - name: Python setup + uses: actions/setup-python@v5 + with: + python-version: '3.8' + cache: 'pipenv' + + - name: Cache files + uses: actions/cache@v4.0.2 + with: + key: ${{ github.ref }} + path: .cache + + - name: Install Python dependencies + run: | + pip install pipenv + pipenv install + sudo apt install pngquant + + - name: Build website + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CARDS: false + CONTEXT: deploy-preview + NETLIFY: true + run: | + pipenv run mkdocs build --config-file config/mkdocs-offline.yml + pipenv run mkdocs --version + + - name: Package website + run: | + tar -czvf offline.tar.gz site + zip -r -q offline.zip site + + - name: Upload tar.gz file + uses: actions/upload-artifact@v4 + with: + name: offline.tar.gz + path: offline.tar.gz + + - name: Upload zip file + uses: actions/upload-artifact@v4 + with: + name: offline.zip + path: offline.zip + + - name: Create ZIM File + uses: addnab/docker-run-action@v3 + with: + image: ghcr.io/openzim/zim-tools:3.1.3 + options: -v ${{ github.workspace }}:/data + run: | + zimwriterfs -w index.html -I assets/brand/logos/png/square/pg-yellow.png -l eng -t "Privacy Guides" -d "Your central privacy and security resource to protect yourself online." -c "Privacy Guides" -p "Jonah Aragon" -n "Privacy Guides" -e "https://github.com/privacyguides/privacyguides.org" /data/site /data/privacy_guides.zim + + - name: Upload ZIM file + uses: actions/upload-artifact@v4 + with: + name: offline-privacy_guides.zim + path: offline-privacy_guides.zim diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 02cc3a85c7..730cc609b8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -53,19 +53,20 @@ jobs: - uses: actions/download-artifact@v4 with: + pattern: repo-* path: modules - run: | rmdir modules/mkdocs-material - mv modules/mkdocs-material-insiders modules/mkdocs-material + mv modules/repo-mkdocs-material-insiders modules/mkdocs-material rmdir theme/assets/brand - mv modules/brand theme/assets/brand + mv modules/repo-brand theme/assets/brand - if: inputs.i18n run: | - cp -rl modules/i18n/i18n . - cp -rl modules/i18n/includes . - cp -rl modules/i18n/theme . + cp -rl modules/repo-i18n/i18n . + cp -rl modules/repo-i18n/includes . + cp -rl modules/repo-i18n/theme . - name: Python setup uses: actions/setup-python@v5 diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 54f7502bc6..6b79b472ae 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -23,26 +23,24 @@ name: Cleanup Artifacts on: workflow_call: inputs: - netlify: + netlify_preview: type: boolean netlify_alias: type: string + netlify_production: + type: boolean outputs: - netlify_address: - value: ${{ jobs.netlify.outputs.address }} + netlify_preview_address: + value: ${{ jobs.netlifypreview.outputs.address }} secrets: NETLIFY_TOKEN: jobs: - netlify: - if: inputs.netlify + netlifypreview: + if: inputs.netlify_preview runs-on: ubuntu-latest outputs: - address: ${{ steps.deployment.outputs.address }} - - environment: - name: preview-netlify - url: ${{ steps.deployment.outputs.address }} + address: ${{ steps.address.outputs.address }} steps: - uses: actions/download-artifact@v4 @@ -60,13 +58,50 @@ jobs: - run: | npm install netlify-cli -g - - name: Limit length of Netlify alias to 12 + - if: inputs.netlify_preview + name: Limit length of Netlify alias to 12 run: echo "SHORT_ALIAS=`echo ${{ inputs.netlify_alias }} | cut -c1-12`" >> $GITHUB_ENV - - id: deployment + - if: inputs.netlify_preview + id: deployment env: NETLIFY_SITE_ID: ${{ vars.NETLIFY_SITE }} NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_TOKEN }} run: | netlify deploy --dir=site --alias=${{ env.SHORT_ALIAS }} - echo "address=https://${{ env.SHORT_ALIAS }}--${{ vars.NETLIFY_SITE }}.netlify.app/" >> "$GITHUB_OUTPUT" + echo "DEPLOYED_ADDRESS=https://${{ env.SHORT_ALIAS }}--${{ vars.NETLIFY_SITE }}.netlify.app/" >> "$GITHUB_ENV" + + - id: address + run: | + echo "address=$DEPLOYED_ADDRESS" >> "$GITHUB_OUTPUT" + + netlify: + if: inputs.netlify_production + runs-on: ubuntu-latest + + environment: + name: production + url: https://www.privacyguides.org + + steps: + - uses: actions/download-artifact@v4 + with: + pattern: site-build-* + merge-multiple: true + + - run: | + for file in *.tar.gz; do tar -zxf "$file"; done + wget https://raw.githubusercontent.com/privacyguides/privacyguides.org/main/netlify.toml + ls -la site/ + + - uses: actions/setup-node@v4 + + - run: | + npm install netlify-cli -g + + - id: prod_deployment + env: + NETLIFY_SITE_ID: ${{ vars.PROD_NETLIFY_SITE }} + NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_TOKEN }} + run: | + netlify deploy --dir=site --prod-if-unlocked diff --git a/.github/workflows/download-repo.yml b/.github/workflows/download-repo.yml index 730d3f0ac9..d4c36f3ed1 100644 --- a/.github/workflows/download-repo.yml +++ b/.github/workflows/download-repo.yml @@ -33,18 +33,16 @@ on: jobs: download: runs-on: ubuntu-latest - environment: - name: actions-ssh steps: - name: Checkout repository uses: actions/checkout@v4 with: repository: 'privacyguides/${{ inputs.repo }}' - path: ${{ inputs.repo }} + path: repo-${{ inputs.repo }} ssh-key: ${{ secrets.ACTIONS_SSH_KEY }} - uses: actions/upload-artifact@v4 with: - name: ${{ inputs.repo }} - path: ${{ inputs.repo }} + name: repo-${{ inputs.repo }} + path: repo-${{ inputs.repo }} retention-days: 1 diff --git a/.github/workflows/mirror.yml b/.github/workflows/mirror.yml index 0c71de907b..be05831ca7 100644 --- a/.github/workflows/mirror.yml +++ b/.github/workflows/mirror.yml @@ -29,9 +29,6 @@ concurrency: jobs: gitlab: runs-on: ubuntu-latest - environment: - name: actions-ssh - url: https://gitlab.com/privacyguides/privacyguides.org steps: - name: Mirror to GitLab uses: wearerequired/git-mirror-action@v1 @@ -43,9 +40,6 @@ jobs: codeberg: runs-on: ubuntu-latest - environment: - name: actions-ssh - url: https://codeberg.org/privacyguides/privacyguides.org steps: - name: Mirror to Codeberg uses: wearerequired/git-mirror-action@v1 @@ -57,9 +51,6 @@ jobs: sourcehut: runs-on: ubuntu-latest - environment: - name: actions-ssh - url: https://git.sr.ht/~jonaharagon/privacyguides.org steps: - name: Mirror to SourceHut uses: wearerequired/git-mirror-action@v1 diff --git a/.github/workflows/preview-pr.yml b/.github/workflows/preview-pr.yml index a69bda3434..6d5ca786a6 100644 --- a/.github/workflows/preview-pr.yml +++ b/.github/workflows/preview-pr.yml @@ -61,7 +61,7 @@ jobs: needs: build uses: ./.github/workflows/deploy.yml with: - netlify: true + netlify_preview: true netlify_alias: ${{ github.event.pull_request.head.sha }} secrets: NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }} @@ -72,7 +72,7 @@ jobs: needs: deploy runs-on: ubuntu-latest env: - address: ${{ needs.deploy.outputs.netlify_address }} + address: ${{ needs.deploy.outputs.netlify_preview_address }} steps: - uses: thollander/actions-comment-pull-request@v2 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ac67fd2307..00efe922ee 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2021-2023 Jonah Aragon +# Copyright (c) 2021-2024 Jonah Aragon # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to @@ -26,100 +26,43 @@ on: - '*' jobs: - production: - name: Push release to production - runs-on: ubuntu-latest - environment: - name: actions-ssh - permissions: - contents: write - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - fetch-depth: '0' - ssh-key: ${{ secrets.ACTIONS_SSH_KEY }} - submodules: 'true' - - - name: Push to production branch - run: | - git push origin HEAD:production + submodules: + strategy: + matrix: + repo: [mkdocs-material-insiders, brand, i18n] + uses: ./.github/workflows/download-repo.yml + with: + repo: ${{ matrix.repo }} + secrets: + ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }} build: - name: Create release packages - runs-on: ubuntu-latest - environment: - name: actions-ssh - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - fetch-depth: '0' - ssh-key: ${{ secrets.ACTIONS_SSH_KEY }} - submodules: 'true' - - - name: Python setup - uses: actions/setup-python@v5 - with: - python-version: '3.8' - cache: 'pipenv' - - - name: Cache files - uses: actions/cache@v4.0.2 - with: - key: ${{ github.ref }} - path: .cache - - - name: Install Python dependencies - run: | - pip install pipenv - pipenv install - sudo apt install pngquant - - - name: Build website - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - CARDS: false - run: | - pipenv run mkdocs build --config-file config/mkdocs-offline.yml - pipenv run mkdocs --version - - - name: Package website - run: | - tar -czvf offline.tar.gz site - zip -r -q offline.zip site - - - name: Upload tar.gz file - uses: actions/upload-artifact@v4 - with: - name: offline.tar.gz - path: offline.tar.gz - - - name: Upload zip file - uses: actions/upload-artifact@v4 - with: - name: offline.zip - path: offline.zip - - - name: Create ZIM File - uses: addnab/docker-run-action@v3 - with: - image: ghcr.io/openzim/zim-tools:3.1.3 - options: -v ${{ github.workspace }}:/data - run: | - zimwriterfs -w index.html -I assets/brand/logos/png/square/pg-yellow.png -l eng -t "Privacy Guides" -d "Your central privacy and security resource to protect yourself online." -c "Privacy Guides" -p "Jonah Aragon" -n "Privacy Guides" -e "https://github.com/privacyguides/privacyguides.org" /data/site /data/privacy_guides.zim - - - name: Upload ZIM file - uses: actions/upload-artifact@v4 - with: - name: privacy_guides.zim - path: privacy_guides.zim + needs: submodules + strategy: + matrix: + lang: [es, fr, he, it, nl, ru, zh-Hant] + i18n: [true] + include: + - lang: en + i18n: false + permissions: + contents: read + uses: ./.github/workflows/build.yml + with: + ref: ${{ github.repository }} + repo: ${{ github.ref }} + lang: ${{ matrix.lang }} + i18n: ${{ matrix.i18n }} + + buildoffline: + needs: submodules + permissions: + contents: read + uses: ./.github/workflows/build-offline.yml release: name: Create release notes - needs: build + needs: buildoffline runs-on: ubuntu-latest permissions: contents: write @@ -127,19 +70,24 @@ jobs: steps: - uses: actions/download-artifact@v4 with: - name: offline.tar.gz - - - uses: actions/download-artifact@v4 - with: - name: offline.zip - - - uses: actions/download-artifact@v4 - with: - name: privacy_guides.zim + pattern: offline* + merge-multiple: true - name: Create release notes uses: ncipollo/release-action@v1 with: generateReleaseNotes: true token: ${{ secrets.REPO_TOKEN }} - artifacts: "offline.zip,offline.tar.gz,privacy_guides.zim" + artifacts: "offline.zip,offline.tar.gz,offline-privacy_guides.zim" + + deploy: + needs: build + uses: ./.github/workflows/deploy.yml + with: + netlify_production: true + secrets: + NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }} + + cleanup: + needs: [build, buildoffline] + uses: ./.github/workflows/cleanup.yml