add audit commands #242
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Hugo site to Hosting | |
on: | |
# Runs on pushes targeting the default branch | |
push: | |
branches: | |
- hugo | |
- master | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
permissions: | |
contents: read | |
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. | |
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. | |
concurrency: | |
group: "hosting" | |
cancel-in-progress: false | |
# Default to bash | |
defaults: | |
run: | |
shell: bash | |
jobs: | |
# Build job | |
build: | |
runs-on: ubuntu-latest | |
env: | |
HUGO_VERSION: 0.129.0 | |
THEME_VERSION: 0.47.0 | |
THEME: hugo-geekdoc | |
BASEDIR: docs | |
THEMEDIR: ./themes | |
SITE_URL: "https://notes.evaron.ru/" | |
steps: | |
- name: Install Hugo CLI | |
run: | | |
wget -O ${{ runner.temp }}/hugo.deb https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_extended_${HUGO_VERSION}_linux-amd64.deb \ | |
&& sudo dpkg -i ${{ runner.temp }}/hugo.deb | |
- name: Install Dart Sass Embedded | |
run: sudo snap install dart-sass-embedded | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install Node.js dependencies | |
run: "[[ -f package-lock.json || -f npm-shrinkwrap.json ]] && npm ci || true" | |
- name: Create folder for template | |
run: mkdir -p ${THEMEDIR}/${THEME}/ | |
- name: Download template | |
run: curl -sSL "https://github.com/thegeeklab/${THEME}/releases/download/v${THEME_VERSION}/${THEME}.tar.gz" | tar -xz -C ${THEMEDIR}/${THEME}/ --strip-components=1 | |
- name: Build with Hugo | |
env: | |
# For maximum backward compatibility with Hugo modules | |
HUGO_ENVIRONMENT: production | |
HUGO_ENV: production | |
run: | | |
hugo \ | |
--gc \ | |
--minify \ | |
--baseURL ${SITE_URL} | |
- name: Archive hugo artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: hugo-artifact | |
path: ./public | |
deploy-hosting: | |
runs-on: ubuntu-latest | |
environment: jino | |
needs: build | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Download hugo artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: hugo-artifact | |
path: public | |
- name: rsync deployments | |
uses: burnett01/rsync-deployments@7.0.1 | |
with: | |
switches: -avzr --delete | |
path: public/ | |
remote_path: ./domains/notes.evaron.ru/ | |
remote_host: ${{ vars.SFTP_HOST }} | |
remote_user: ${{ secrets.SFTP_USER }} | |
remote_key: ${{ secrets.SFTP_KEY }} |