privacyguides.org/.github/workflows/build-pr.yml

130 lines
4.0 KiB
YAML
Raw Normal View History

name: 🛠️ Build PR Preview
on:
pull_request:
concurrency:
group: ${{github.event.pull_request.head.ref}}
cancel-in-progress: true
permissions:
contents: read
jobs:
metadata:
runs-on: ubuntu-latest
outputs:
submodules: ${{ steps.submodules-fork.outputs.submodules || steps.submodules-main.outputs.submodules }}
privileged: ${{ steps.submodules-fork.outputs.privileged || steps.submodules-main.outputs.privileged }}
env:
ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
steps:
- name: Set submodules for fork
if: env.ACTIONS_SSH_KEY == ''
id: submodules-fork
run: |
echo 'submodules={"repo":["brand","i18n"]}' >> "$GITHUB_OUTPUT"
echo "privileged=false" >> "$GITHUB_OUTPUT"
- name: Set submodules for main repo
if: env.ACTIONS_SSH_KEY != ''
id: submodules-main
run: |
echo 'submodules={"repo":["brand","i18n","mkdocs-material-insiders"]}' >> "$GITHUB_OUTPUT"
echo "privileged=true" >> "$GITHUB_OUTPUT"
- name: Save PR metadata
run: |
mkdir -p ./metadata
echo ${{ github.event.number }} > ./metadata/NR
echo ${{ github.event.pull_request.head.sha }} > ./metadata/SHA
- name: Upload metadata as artifact
uses: actions/upload-artifact@v4
with:
name: metadata
path: metadata
submodule:
needs: metadata
strategy:
matrix: ${{ fromJson(needs.metadata.outputs.submodules) }}
uses: privacyguides/.github/.github/workflows/download-repo.yml@main
with:
repo: ${{ matrix.repo }}
privileged: ${{ fromJSON(needs.metadata.outputs.privileged) }}
secrets:
ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
build_english:
needs: [submodule, metadata]
strategy:
matrix:
lang: [en]
fail-fast: true
uses: ./.github/workflows/build.yml
with:
ref: ${{github.event.pull_request.head.ref}}
repo: ${{github.event.pull_request.head.repo.full_name}}
lang: en
continue-on-error: false
privileged: ${{ fromJSON(needs.metadata.outputs.privileged) }}
strict: true
build_i18n:
if: ${{ contains(github.event.pull_request.labels.*.name, 'ci:build i18n') }}
needs: [submodule, metadata]
strategy:
matrix:
lang: [es, fr, he, it, nl, ru, zh-Hant]
fail-fast: false
uses: ./.github/workflows/build.yml
with:
ref: ${{github.event.pull_request.head.ref}}
repo: ${{github.event.pull_request.head.repo.full_name}}
lang: ${{ matrix.lang }}
continue-on-error: true
privileged: ${{ fromJSON(needs.metadata.outputs.privileged) }}
strict: true
build_blog:
if: ${{ contains(github.event.pull_request.labels.*.name, 'ci:build blog') }}
needs: [submodule, metadata]
uses: ./.github/workflows/build-blog.yml
with:
ref: ${{github.event.pull_request.head.ref}}
repo: ${{github.event.pull_request.head.repo.full_name}}
continue-on-error: true
privileged: ${{ fromJSON(needs.metadata.outputs.privileged) }}
combine_build:
needs: [build_english, build_i18n, build_blog]
if: |
(always() && !cancelled() && !failure()) &&
needs.build_english.result == 'success' &&
(needs.build_i18n.result == 'success' || needs.build_i18n.result == 'skipped') &&
(needs.build_blog.result == 'success' || needs.build_blog.result == 'skipped')
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
ls -la site/
- name: Upload Site
uses: actions/upload-artifact@v4
with:
name: site-build-combined
path: site
retention-days: 5
cleanup:
if: ${{ always() }}
needs: [build_english, build_i18n, build_blog]
uses: privacyguides/.github/.github/workflows/cleanup.yml@main