privacyguides.org/.github/workflows/build.yml
Jonah Aragon 9ad1c6450a
ci: Use strict mkdocs builds on PR previews (#2685)
Signed-off-by: Mare Polaris <15004290+ph00lt0@users.noreply.github.com>
Signed-off-by: Daniel Gray <dngray@privacyguides.org>
2024-08-02 23:32:16 +09:30

275 lines
8.7 KiB
YAML

name: 🛠️ Build Website
on:
workflow_call:
inputs:
config:
type: string
default: build
ref:
required: true
type: string
repo:
required: true
type: string
lang:
type: string
default: en
context:
type: string
default: deploy-preview
continue-on-error:
type: boolean
default: true
privileged:
type: boolean
default: true
strict:
type: boolean
default: false
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
continue-on-error: ${{ inputs.continue-on-error }}
permissions:
contents: read
steps:
- name: Add GitHub Token to Environment
run: |
echo "GH_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> "$GITHUB_ENV"
- name: Set Metadata
if: inputs.config == 'build'
run: |
{
echo "BUILD_CONTEXT=${{ inputs.context }}"
echo "EXTRA_FLAGS=""$EXTRA_FLAGS" --production""
} >> "$GITHUB_ENV"
- name: Set Metadata for Privileged Builds
if: inputs.privileged
run: |
echo "BUILD_INSIDERS=true" >> "$GITHUB_ENV"
echo "EXTRA_FLAGS=""$EXTRA_FLAGS" --insiders"" >> "$GITHUB_ENV"
- name: Set Metadata for Offline Mode
if: inputs.config == 'offline'
run: |
{
echo "EXTRA_FLAGS=""$EXTRA_FLAGS" --offline""
} >> "$GITHUB_ENV"
- name: Set Metadata for Strict Mode
if: inputs.strict
run: |
echo "EXTRA_FLAGS=""$EXTRA_FLAGS" --cmd_flags=--strict"" >> "$GITHUB_ENV"
- name: Download Repository
uses: actions/checkout@v4
with:
repository: ${{ inputs.repo }}
ref: ${{ inputs.ref }}
persist-credentials: "false"
fetch-depth: 0
- name: Download Submodules
uses: actions/download-artifact@v4
with:
pattern: repo-*
path: modules
- name: Move mkdocs-material-insiders to mkdocs-material
if: inputs.privileged
run: |
rmdir modules/mkdocs-material
mv modules/repo-mkdocs-material-insiders modules/mkdocs-material
- name: Move brand submodule to theme/assets/brand
run: |
rmdir theme/assets/brand
mv modules/repo-brand theme/assets/brand
- name: Copy Translation Files
if: inputs.lang != 'en'
run: |
cp -rl modules/repo-i18n/i18n .
cp -rl modules/repo-i18n/includes .
- name: Install Python (pipenv)
if: inputs.privileged
uses: actions/setup-python@v5
with:
cache: "pipenv"
- name: Install Python (no pipenv)
if: ${{ !inputs.privileged }}
uses: actions/setup-python@v5
- name: Restore Privacy Plugin Cache
uses: actions/cache/restore@v4.0.2
id: privacy_cache_restore
with:
key: privacy-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/privacy/**') }}
path: |
.cache/plugin/privacy
restore-keys: |
privacy-cache-${{ inputs.repo }}-
privacy-cache-privacyguides/privacyguides.org-
privacy-cache-
- name: Restore Social Plugin Cache
uses: actions/cache/restore@v4.0.2
id: social_cache_restore
with:
key: social-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ hashfiles('.cache/plugin/social/manifest.json') }}
path: |
.cache/plugin/social/manifest.json
.cache/plugin/social/assets
restore-keys: |
social-cache-${{ inputs.repo }}-${{ inputs.lang }}-
social-cache-privacyguides/privacyguides.org-${{ inputs.lang }}-
- name: Restore Optimize Plugin Cache
uses: actions/cache/restore@v4.0.2
id: optimize_cache_restore
with:
key: optimize-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/optimize/manifest.json') }}
path: |
.cache/plugin/optimize
restore-keys: |
optimize-cache-${{ inputs.repo }}-
optimize-cache-privacyguides/privacyguides.org-
optimize-cache-
- name: Install Python Dependencies
if: inputs.privileged
run: |
pip install pipenv
pipenv install
sudo apt install pngquant
- name: Install Python Dependencies (Unprivileged)
if: ${{ !inputs.privileged }}
run: |
pip install mkdocs-material
sudo apt install pngquant
echo "EXTRA_FLAGS=""$EXTRA_FLAGS" --cmd=mkdocs"" >> "$GITHUB_ENV"
- name: Build Website
run: |
eval ./run.sh --build --lang=${{ inputs.lang }} "$EXTRA_FLAGS"
- name: Package Website
run: |
tar -czf site-${{ inputs.config }}-${{ inputs.lang }}.tar.gz site
- name: Find Privacy Plugin Cache
uses: actions/cache/restore@v4.0.2
if: steps.privacy_cache_restore.outputs.cache-hit != 'true'
id: privacy_cache_test
with:
key: privacy-cache-privacyguides/privacyguides.org-${{ hashfiles('.cache/plugin/privacy/**') }}
lookup-only: true
path: |
.cache/plugin/privacy
- name: Find Social Plugin Cache
uses: actions/cache/restore@v4.0.2
if: steps.social_cache_restore.outputs.cache-hit != 'true'
id: social_cache_test
with:
key: social-cache-privacyguides/privacyguides.org-${{ inputs.lang }}-${{ hashfiles('.cache/plugin/social/manifest.json') }}
lookup-only: true
path: |
.cache/plugin/social/manifest.json
.cache/plugin/social/assets
- name: Find Optimize Plugin Cache
uses: actions/cache/restore@v4.0.2
if: steps.optimize_cache_restore.outputs.cache-hit != 'true'
id: optimize_cache_test
with:
key: optimize-cache-privacyguides/privacyguides.org-${{ hashfiles('.cache/plugin/optimize/manifest.json') }}
lookup-only: true
path: |
.cache/plugin/optimize
- name: Save Privacy Plugin Cache
uses: actions/cache/save@v4.0.2
if: steps.privacy_cache_test.outputs.cache-hit != 'true'
with:
key: privacy-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/privacy/**') }}
path: .cache/plugin/privacy
- name: Save Social Plugin Cache
uses: actions/cache/save@v4.0.2
if: steps.social_cache_test.outputs.cache-hit != 'true'
with:
key: social-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ hashfiles('.cache/plugin/social/manifest.json') }}
path: |
.cache/plugin/social/manifest.json
.cache/plugin/social/assets
- name: Save Optimize Plugin Cache
uses: actions/cache/save@v4.0.2
if: steps.optimize_cache_test.outputs.cache-hit != 'true'
with:
key: optimize-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/optimize/manifest.json') }}
path: .cache/plugin/optimize
- name: Upload Site
uses: actions/upload-artifact@v4
with:
name: site-${{ inputs.config }}-${{ inputs.lang }}.tar.gz
path: site-${{ inputs.config }}-${{ inputs.lang }}.tar.gz
retention-days: 1
offline_package:
if: inputs.config == 'offline' && inputs.lang == 'en'
needs: build
runs-on: ubuntu-latest
continue-on-error: ${{ inputs.continue-on-error }}
permissions:
contents: read
steps:
- uses: actions/download-artifact@v4
with:
name: site-offline-en.tar.gz
- run: |
tar -xzf site-offline-en.tar.gz
tar -czf offline.tar.gz site/en
zip -r -q offline.zip site/en
- name: Upload tar.gz file
uses: actions/upload-artifact@v4
with:
name: offline.tar.gz
path: offline.tar.gz
- name: Upload zip file
uses: actions/upload-artifact@v4
with:
name: offline.zip
path: offline.zip
- name: Create ZIM File
uses: addnab/docker-run-action@v3
with:
image: ghcr.io/openzim/zim-tools:3.1.3
options: -v ${{ github.workspace }}:/data
run: |
zimwriterfs -w index.html -I assets/brand/logos/png/square/pg-yellow.png -l eng -t "Privacy Guides" -d "Your central privacy and security resource to protect yourself online." -c "Privacy Guides" -p "Jonah Aragon" -n "Privacy Guides" -e "https://github.com/privacyguides/privacyguides.org" /data/site/en /data/offline-privacy_guides.zim
- name: Upload ZIM file
uses: actions/upload-artifact@v4
with:
name: offline-privacy_guides.zim
path: offline-privacy_guides.zim