Skip to content
Main deployment

Merge branch 'staging' of https://github.com/rism-digital/muscat-guid… #8

Sign in to view logs

Merge branch 'staging' of https://github.com/rism-digital/muscat-guid…

Merge branch 'staging' of https://github.com/rism-digital/muscat-guid… #8

Workflow file for this run

.github/workflows/main.yml at a56e1c7
name: Main deployment
# Controls when the action will run. Triggers the workflow on push or pull request
# events but only for the main and staging branches
on:
push:
branches: [ main, staging ]
# globals
env:
MUSCAT_GUIDELINES_REPO: rism-digital/muscat-guidelines
MUSCAT_REPO: rism-digital/muscat
TRANSLATIONS_REPO: rism-digital/translations
MUSCAT_GUIDELINES_PATH: 'muscat-guidelines'
MUSCAT_PATH: 'muscat'
TRANSLATIONS_PATH: 'translations'
BUILD_PATH: 'build'
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: "Install ruby"
uses: actions/setup-ruby@v1
with:
ruby-version: '3.1'
- name: Install packages
run: |
sudo apt install openresolv wireguard
# Checks-out external repositories
- uses: actions/checkout@v4
with:
repository: ${{ env.MUSCAT_GUIDELINES_REPO }}
path: ${{ env.MUSCAT_GUIDELINES_PATH }}
- uses: actions/checkout@v4
with:
repository: ${{ env.MUSCAT_REPO }}
path: ${{ env.MUSCAT_PATH }}
- uses: actions/checkout@v4
with:
repository: ${{ env.TRANSLATIONS_REPO }}
path: ${{ env.TRANSLATIONS_PATH }}
# Checks-out this repository under $BUILD_PATH
- uses: actions/checkout@v4
with:
path: ${{ env.BUILD_PATH }}
- name:
working-directory: ${{ env.BUILD_PATH }}
run: sed -i 's/https:\/\/guidelines\.rism\.info/https:\/\/guidelines-stage\.rism\.info/g' _config.yml
if: endsWith(github.ref, '/staging')
# Use GitHub Actions' cache to shorten build times and decrease load on servers
- uses: actions/cache@v3
with:
path: ${{ env.BUILD_PATH }}/vendor/bundle
key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}-v3
restore-keys: |
${{ runner.os }}-gems-v3
- name: "Build the site"
working-directory: ${{ env.BUILD_PATH }}
run: |
bundle config path vendor/bundle
bundle install
bundle exec jekyll build
# Install node/lunr and build the index
- uses: actions/setup-node@v3
with:
node-version: '16'
- name: Build the index
working-directory: ${{ env.BUILD_PATH }}
run: |
npm install [email protected]
npm install lunr-languages
node _site/assets/js/build_index.js _site/pages.json index.json
# looks like lemonarc/[email protected] runs as root...
sudo mv index.json ./_site/
- name: Set server to deployment if on staging branch
if: endsWith(github.ref, '/staging')
run: |
echo "DEPLOY_SERVER=${{ secrets.DEPLOY_STAGING_SERVER }}" >> $GITHUB_ENV
echo "DEPLOY_PATH=${{ secrets.DEPLOY_STAGING_PATH }}" >> $GITHUB_ENV
- name: Set server to production if on main branch
if: endsWith(github.ref, '/main')
run: |
echo "DEPLOY_SERVER=${{ secrets.DEPLOY_PRODUCTION_SERVER }}" >> $GITHUB_ENV
echo "DEPLOY_PATH=${{ secrets.DEPLOY_PRODUCTION_PATH }}" >> $GITHUB_ENV
- name: Install packages
working-directory: ${{ env.BUILD_PATH }}
run: |
sudo echo "${{ secrets.VPN_CONFIGURATION }}" > ./wg0.conf
- name: Set up Wireguard VPN
working-directory: ${{ env.BUILD_PATH }}
run: |
sudo wg-quick up ./wg0.conf
# Deploy to remote server
- name: Deploy with rsync
uses: burnett01/[email protected]
with:
switches: -avzr --delete --exclude="uploads" --exclude=".well-known" --exclude="wg0.conf"
path: ${{ env.BUILD_PATH }}/_site/
remote_path: ${{ env.DEPLOY_PATH }}
remote_host: ${{ env.DEPLOY_SERVER }}
remote_user: ${{ secrets.DEPLOY_USER }}
remote_key: ${{ secrets.DEPLOY_KEY }}
- name: Disconnect VPN
working-directory: ${{ env.BUILD_PATH }}
run: |
sudo wg-quick down ./wg0.conf