Skip to content

Merge pull request #603 from falgon/fix-ci-add-permissions #921

Merge pull request #603 from falgon/fix-ci-add-permissions

Merge pull request #603 from falgon/fix-ci-add-permissions #921

Workflow file for this run

name: CI-push
on:
push:
branches: [develop, master]
paths-ignore:
- 'README.md'
- 'LICENSE'
- '.gitignore'
jobs:
build:
runs-on: ubuntu-20.04
permissions:
repository-projects: read
contents: read
if: github.repository == 'falgon/roki-web'
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: true
- name: Site generator cache
uses: actions/cache@v4
id: site-gen-cache
with:
path: ./site
key: site-gen-v1-${{ runner.os }}-${{ hashFiles('stack.yaml') }}-${{ hashFiles('stack.yaml.lock') }}-${{ hashFiles('package.yaml') }}-${{ hashFiles('src/**') }}-${{ hashFiles('app/**') }}-${{ hashFiles('docker/.env') }}
- name: Get Haskell version
if: steps.site-gen-cache.outputs.cache-hit != 'true'
run: |
curl -sSLJ \
"https://github.com/mikefarah/yq/releases/download/${{ env.yq_version }}/yq_linux_amd64.tar.gz" |
tar xzf - ./yq_linux_amd64
chmod +x ./yq_linux_amd64
echo "ghc_version=$(./yq_linux_amd64 '.compiler' ./stack.yaml | cut -f2 -d-)" >> "$GITHUB_ENV"
echo "stack_version=$(grep BOOTSTRAP_HASKELL_STACK_VERSION ./docker/.env | cut -f2 -d=)" >> "$GITHUB_ENV"
env:
yq_version: v4.44.3
- name: Setup Haskell
if: steps.site-gen-cache.outputs.cache-hit != 'true'
uses: haskell-actions/setup@v2
with:
ghc-version: ${{ env.ghc_version }}
enable-stack: true
stack-version: ${{ env.stack_version }}
- name: stack cache
if: steps.site-gen-cache.outputs.cache-hit != 'true'
uses: actions/cache@v4
id: stack-cache
with:
path: ~/.stack
key: stack-v2-${{ runner.os }}-${{ hashFiles('stack.yaml') }}-${{ hashFiles('stack.yaml.lock') }}-${{ hashFiles('package.yaml') }}-${{ hashFiles('docker/.env') }}
- name: Install tools (apt)
uses: awalsh128/cache-apt-pkgs-action@v1.4.2
with:
packages: libxml2-utils
version: 1.0
- name: snap cache
uses: actions/cache@v2
env:
cache-name: cache-snap-packages
with:
path: ~/snap
key: ${{ runner.os }}-snap-${{ env.cache-name }}-${{ hashFiles('**/snap-packages.txt') }}
restore-keys: |
${{ runner.os }}-snap-${{ env.cache-name }}-
${{ runner.os }}-snap-
${{ runner.os }}-
- name: Install tools (snap)
run: sudo snap install chromium
- name: Setup Stack
if: steps.site-gen-cache.outputs.cache-hit != 'true' && steps.stack-cache.outputs.cache-hit != 'true'
run: |
stack config set system-ghc --global true
stack config set install-ghc --global false
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
- name: Export values
run: |
echo "ROKI_WEB_GH_ACTIONS_NODE_VERSION=$(node --version)" >> "$GITHUB_ENV"
echo "PUPPETEER_EXECUTABLE_PATH=$(which chromium)" >> "$GITHUB_ENV"
- name: Node module cache
uses: actions/cache@v4
id: node-cache
with:
path: '**/node_modules'
key: node-v1-${{ env.ROKI_WEB_GH_ACTIONS_NODE_VERSION }}-${{ runner.os }}-${{ hashFiles('.nvmrc') }}-${{ hashFiles('package.json') }}-${{ hashFiles('package-lock.json') }}
- name: Install Node dependencies
if: steps.node-cache.outputs.cache-hit != 'true'
run: npm ci
env:
NPM_CONFIG_UPDATE_NOTIFIER: false
- name: Build the roki.dev generator
if: steps.site-gen-cache.outputs.cache-hit != 'true'
run: |
stack --local-bin-path . install --flag hakyll:-previewServer --flag hakyll:-watchServer
./site --version
- name: Build and validate roki.dev
if: github.ref == 'refs/heads/master'
run: |
./site build
./site check --internal-links
xmllint docs/roki.log/sitemap.xml --noout
xmllint docs/roki.log/feed/roki.log.xml --noout
xmllint docs/roki.log/feed/roki.log-rss.xml --noout
xmllint docs/roki.diary/sitemap.xml --noout
xmllint docs/roki.diary/feed/roki.diary.xml --noout
xmllint docs/roki.diary/feed/roki.diary-rss.xml --noout
tar cvf docs.tar.xz docs
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Build and validate roki.dev (fast build)
if: github.ref == 'refs/heads/develop'
run: |
./site build --preview
./site check --internal-links
xmllint docs/roki.log/sitemap.xml --noout
xmllint docs/roki.log/feed/roki.log.xml --noout
xmllint docs/roki.diary/sitemap.xml --noout
xmllint docs/roki.diary/feed/roki.diary.xml --noout
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload artifact
if: github.ref == 'refs/heads/master'
uses: actions/upload-artifact@v4
with:
name: roki.dev
path: docs.tar.xz
deploy:
runs-on: ubuntu-latest
needs: build
if: github.event_name == 'push' && github.ref == 'refs/heads/master' && github.repository == 'falgon/roki-web'
steps:
- name: Fetch archive
uses: actions/download-artifact@v4
with:
name: roki.dev
- name: Unarchive docs
run: tar xvf docs.tar.xz
- name: Deploy
uses: peaceiris/actions-gh-pages@v3
with:
deploy_key: ${{ secrets.ACTIONS_DEPLOY_KEY }}
publish_dir: ./docs
page-insight:
runs-on: ubuntu-latest
needs: deploy
if: github.repository == 'falgon/roki-web'
steps:
- uses: actions/checkout@v4
with:
submodules: false
- name: Polling until deployed
env:
POLLING_MAX: 10
POLLING_DURATION_MILLISECONDS: 5000
uses: actions/github-script@v2
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
result-encoding: string
script: |
let c = 0;
let res = false;
const it = setInterval(async () => {
const r = await github.repos.getLatestPagesBuild({
owner: context.repo.owner,
repo: context.repo.repo
});
if (r.data.status === "built") {
res = true;
clearInterval(it);
} else if (c > ${{ env.POLLING_MAX }}) {
res = false;
clearInterval(it);
}
++c;
}, ${{ env.POLLING_DURATION_MILLISECONDS }});
return res.toString();
- name: Get page insights
if: ${{ steps.set-result.outputs.result }} == "true"
env:
SP_THRESHOLD: 65
PC_THRESHOLD: 90
LOCALE: ja_JP
run: |
export GH_CONFIG_DIR=$PWD/.config
mkdir $GH_CONFIG_DIR
echo "${{ secrets.KIIROTORI_GH_CONFIG_HOSTS }}" > $GH_CONFIG_DIR/hosts.yml
echo "${{ secrets.KIIROTORI_GH_CONFIG_CONFIG }}" > $GH_CONFIG_DIR/config.yml
readonly workflow_id=$(gh workflow list | grep manually-PSI | cut -f3)
gh workflow run $workflow_id \
-r ${{ github.ref_name }} \
-f sp_threshold=${{ env.SP_THRESHOLD }} pc_threshold=${{ env.PC_THRESHOLD }} locale=${{ env.LOCALE }}
gh run list --workflow psi.yml