mirror of
https://github.com/PrivSec-dev/privsec.dev
synced 2024-12-22 04:41:33 -05:00
Safer Workflow
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
parent
a698a0ac54
commit
422c26c6ce
@ -1,32 +1,44 @@
|
||||
# This file was auto-generated by the Firebase CLI
|
||||
# https://github.com/firebase/firebase-tools
|
||||
|
||||
name: Deploy to Firebase Hosting on PR
|
||||
'on': pull_request_target
|
||||
on:
|
||||
workflow_run:
|
||||
workflows: ["Build Hugo site on PR"]
|
||||
types:
|
||||
- completed
|
||||
|
||||
jobs:
|
||||
Build_and_Preview:
|
||||
Preview:
|
||||
runs-on: ubuntu-latest
|
||||
if: >
|
||||
${{ github.event.workflow_run.event == 'pull_request' &&
|
||||
github.event.workflow_run.conclusion == 'success' }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
- name: Download artifact
|
||||
uses: actions/github-script@v3.1.0
|
||||
with:
|
||||
submodules: true # Fetch Hugo themes (true OR recursive)
|
||||
fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod
|
||||
script: |
|
||||
var artifacts = await github.actions.listWorkflowRunArtifacts({
|
||||
owner: context.repo.owner,
|
||||
repo: context.repo.repo,
|
||||
run_id: ${{github.event.workflow_run.id }},
|
||||
});
|
||||
var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
|
||||
return artifact.name == "public"
|
||||
})[0];
|
||||
var download = await github.actions.downloadArtifact({
|
||||
owner: context.repo.owner,
|
||||
repo: context.repo.repo,
|
||||
artifact_id: matchArtifact.id,
|
||||
archive_format: 'zip',
|
||||
});
|
||||
var fs = require('fs');
|
||||
fs.writeFileSync('${{github.workspace}}/public.zip', Buffer.from(download.data));
|
||||
|
||||
#- name: Fecth External Blog
|
||||
# run: ./external-blogs.sh
|
||||
- name: Unzip artifact
|
||||
run: unzip public.zip
|
||||
|
||||
- name: Hugo setup
|
||||
uses: peaceiris/actions-hugo@v2
|
||||
with:
|
||||
hugo-version: 'latest'
|
||||
|
||||
- name: Build
|
||||
run: hugo --minify
|
||||
|
||||
- name: Deploy
|
||||
- name: Deploy to Firebase
|
||||
uses: FirebaseExtended/action-hosting-deploy@v0
|
||||
with:
|
||||
repoToken: '${{ secrets.GITHUB_TOKEN }}'
|
||||
firebaseServiceAccount: '${{ secrets.FIREBASE_SERVICE_ACCOUNT_PRIVSEC_356523 }}'
|
||||
projectId: privsec-356523
|
||||
projectId: privsec-356523
|
31
.github/workflows/pull-request-reciever.yml
vendored
Normal file
31
.github/workflows/pull-request-reciever.yml
vendored
Normal file
@ -0,0 +1,31 @@
|
||||
# This file was auto-generated by the Firebase CLI
|
||||
# https://github.com/firebase/firebase-tools
|
||||
|
||||
name: Build Hugo site on PR
|
||||
'on': pull_request
|
||||
jobs:
|
||||
Build_Hugo_Site:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
submodules: true # Fetch Hugo themes (true OR recursive)
|
||||
fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod
|
||||
|
||||
#- name: Fecth External Blog
|
||||
# run: ./external-blogs.sh
|
||||
|
||||
- name: Hugo setup
|
||||
uses: peaceiris/actions-hugo@v2
|
||||
with:
|
||||
hugo-version: 'latest'
|
||||
|
||||
- name: Build Hugo site
|
||||
run: hugo --minify
|
||||
|
||||
- name: Upload artifact
|
||||
uses: actions/upload-artifact@v2
|
||||
with:
|
||||
name: public
|
||||
path: public/
|
Loading…
Reference in New Issue
Block a user