Add pyramid-csp
#288
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Site Builder | |
# This workflow is triggered on pushes to the repository. | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
release: | |
types: | |
- created | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
name: "Build the trypyramid.com website" | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: '19.x' | |
- run: yarn install | |
- run: yarn lint | |
- run: yarn build | |
env: | |
CI_COMMIT_SHA: ${{ github.sha }} | |
HUGO_BASEURL: "https://trypyramid.com/" | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: built-dist | |
path: dist | |
release: | |
runs-on: ubuntu-latest | |
if: github.event_name == 'release' | |
needs: build | |
name: "Publish the released assets" | |
steps: | |
- name: Download the dist artifact | |
uses: actions/download-artifact@v3 | |
with: | |
name: built-dist | |
path: built-dist | |
- name: Zip artifacts | |
run: cd built-dist && zip -r ../website.zip . | |
- name: Upload website.zip to Github release | |
uses: actions/upload-release-asset@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
upload_url: ${{ github.event.release.upload_url }} | |
asset_path: website.zip | |
asset_name: website.zip | |
asset_content_type: application/zip | |
ghpages: | |
runs-on: ubuntu-latest | |
if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
needs: build | |
name: "Publish the website" | |
steps: | |
- name: Setup SSH keys and known_hosts | |
env: | |
SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
run: | | |
mkdir -p ~/.ssh | |
chmod 0700 ~/.ssh | |
ssh-keyscan github.com >> ~/.ssh/known_hosts | |
ssh-agent -a $SSH_AUTH_SOCK > /dev/null | |
ssh-add - <<< "${{ secrets.DEPLOYKEY }}" | |
- name: Download the dist artifact | |
uses: actions/download-artifact@v3 | |
with: | |
name: built-dist | |
path: built-dist | |
- name: Push these changes to the pages repository | |
env: | |
SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
run: | | |
cd built-dist | |
git init . | |
git config user.email "pylonsbot@pylonsproject.org" | |
git config user.name "Pylonsbot" | |
git add -A | |
git commit -m "Publish the latest version of trypyramid.com: $(date +'%Y-%m-%dT%H:%M')" | |
git remote add origin git@github.com:Pylons/trypyramid.com-pages.git | |
git push -f origin HEAD:gh-pages | |
audit: | |
runs-on: ubuntu-latest | |
name: "Audit the NPM packages" | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: '19.x' | |
- run: yarn install | |
- run: yarn list | |
- run: yarn audit | |
continue-on-error: true |