Merge pull request #11 from joshbeard/renovate/actions-checkout-4.x #194
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# NOTE: This depends on AWS resources deployed for the "joshbeard.me" website. | |
# Refer to https://github.com/joshbeard/joshbeard.me-tf-aws | |
name: Build | |
on: | |
push: | |
branches: | |
- master | |
jobs: | |
yamllint: | |
name: YAML Lint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 | |
- name: yaml-lint | |
uses: ibiqlik/action-yamllint@v3 | |
with: | |
file_or_dir: resume.yaml | |
# NOTE: This spell checker only checks the changes *in a commit*. It won't | |
# scan the whole repo or even a whole file - just what's changed. | |
# See https://github.com/TypoCI/spellcheck-action | |
# Another option: https://github.com/check-spelling/check-spelling | |
spellcheck: | |
name: Spell Check | |
runs-on: ubuntu-latest | |
timeout-minutes: 4 | |
if: "!contains(github.event.head_commit.message, '[ci skip]')" | |
steps: | |
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 | |
with: | |
ref: ${{ github.ref }} | |
- name: TypoCheck | |
uses: typoci/spellcheck-action@master | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
build: | |
name: Build Resume | |
runs-on: ubuntu-latest | |
needs: [spellcheck, yamllint] | |
steps: | |
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 | |
with: | |
ref: ${{ github.ref }} | |
- name: Generate resume documents from templates (html, md, gemini, txt, json) | |
run: | | |
pip install -r requirements.txt | |
make html md txt gmi json | |
- name: Upload Markdown Artifact | |
uses: actions/upload-artifact@master | |
with: | |
name: markdown | |
path: | | |
README.md | |
- name: Upload Gemini Artifact | |
uses: actions/upload-artifact@master | |
with: | |
name: gmi | |
path: | | |
resume.gmi | |
- name: Upload Text Artifact | |
uses: actions/upload-artifact@master | |
with: | |
name: txt | |
path: | | |
resume.txt | |
- name: Upload Narrow Text Artifact | |
uses: actions/upload-artifact@master | |
with: | |
name: narrow_txt | |
path: | | |
resume-narrow.txt | |
- name: Upload JSON Artifact | |
uses: actions/upload-artifact@master | |
with: | |
name: json | |
path: | | |
resume.json | |
- name: Add man page frontmatter | |
run: > | |
_DATE=$(date "+%B %Y") | |
echo "% JoshBeard(7) joshbeard.me\n% Josh Beard ([email protected])\n% ${_DATE}\n\n" | cat - README.md > README.man.md | |
- name: Generate man page | |
uses: docker://pandoc/latex | |
with: | |
args: > | |
--from markdown --to man | |
-s README.man.md -o joshbeard-resume.7 | |
- name: Upload man page artifact | |
uses: actions/upload-artifact@master | |
with: | |
name: man | |
path: | | |
joshbeard-resume.7 | |
- name: Generate Word Document | |
uses: docker://pandoc/latex | |
with: | |
args: > | |
--from markdown --to docx README.md | |
-f gfm | |
-o dist/Josh-Beard-Resume.docx | |
- name: Upload Word Artifact | |
uses: actions/upload-artifact@master | |
with: | |
name: word | |
path: | | |
dist/Josh-Beard-Resume.docx | |
- name: Generate PDF Document | |
uses: browser-actions/setup-chrome@latest | |
- run: > | |
chrome | |
-headless | |
-disable-gpu | |
--no-sandbox | |
--print-to-pdf=dist/Josh-Beard-Resume.pdf | |
--print-to-pdf-no-header | |
dist/index.html | |
- name: Upload PDF Artifact | |
uses: actions/upload-artifact@master | |
with: | |
name: pdf | |
path: | | |
dist/Josh-Beard-Resume.pdf | |
- name: Minify Action | |
uses: anthonyftwang/[email protected] | |
- name: Copy artifacts into dist | |
run: | | |
cp joshbeard-resume.7 resume.txt resume-narrow.txt resume.json dist | |
- uses: actions/upload-artifact@master | |
name: Upload Resume Artifacts | |
with: | |
name: src | |
path: | | |
dist/ | |
validate: | |
name: HTML Validation | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 | |
with: | |
ref: ${{ github.ref }} | |
- uses: actions/download-artifact@master | |
name: Download Resume Artifacts | |
with: | |
name: src | |
path: _site | |
- name: HTML Validation | |
uses: Cyb3r-Jak3/[email protected] | |
with: | |
root: _site | |
add-markdown: | |
name: Commit and add Markdown Resume | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 | |
with: | |
ref: ${{ github.ref }} | |
- uses: actions/download-artifact@master | |
name: Download Resume Artifacts | |
with: | |
name: markdown | |
path: . | |
- name: Debug | |
run: | | |
ls | |
git status | |
- name: Commit Markdown | |
uses: EndBug/add-and-commit@v9 | |
with: | |
author_name: Josh Beard | |
author_email: [email protected] | |
message: 'Generated Markdown Resume' | |
add: 'README.md' | |
local-deploy: | |
name: Deploy locally | |
runs-on: self-hosted | |
needs: validate | |
if: "!contains(github.event.head_commit.message, '[skip deploy]')" | |
steps: | |
- uses: actions/download-artifact@master | |
with: | |
name: gmi | |
- uses: actions/download-artifact@master | |
with: | |
name: txt | |
- uses: actions/download-artifact@master | |
with: | |
name: pdf | |
- uses: actions/download-artifact@master | |
with: | |
name: word | |
- uses: actions/download-artifact@master | |
with: | |
name: man | |
- name: Deploy resume to Gemini server | |
id: deploy | |
uses: Pendect/[email protected] | |
env: | |
DEPLOY_KEY: ${{secrets.DEPLOY_KEY}} | |
with: | |
flags: '-rv' | |
options: '--chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r' | |
ssh_options: '' | |
src: '.' | |
dest: '${{ secrets.DEPLOY_USER }}@${{ secrets.LOCAL_GEMINI_SERVER }}:${{ secrets.DEPLOY_PATH }}/' | |
- name: Display status from deploy | |
run: echo "${{ steps.deploy.outputs.status }}" | |
- uses: actions/download-artifact@master | |
with: | |
name: narrow_txt | |
- name: Deploy resume to Gopher server | |
id: deploy_gopher | |
uses: Pendect/[email protected] | |
env: | |
DEPLOY_KEY: ${{secrets.DEPLOY_KEY}} | |
with: | |
flags: '-rv' | |
options: '--chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r' | |
ssh_options: '' | |
src: 'resume-narrow.txt' | |
dest: '${{ secrets.DEPLOY_USER }}@${{ secrets.LOCAL_GEMINI_SERVER }}:${{ secrets.GOPHER_DEPLOY_PATH }}/resume.txt' | |
- name: Display status from deploy | |
run: echo "${{ steps.deploy_gopher.outputs.status }}" | |
deploy: | |
name: Deploy Resume Website | |
runs-on: ubuntu-latest | |
needs: validate | |
if: "!contains(github.event.head_commit.message, '[skip deploy]')" | |
steps: | |
- uses: actions/download-artifact@master | |
with: | |
name: src | |
- name: Upload to S3 | |
uses: jakejarvis/s3-sync-action@master | |
with: | |
args: --acl public-read --follow-symlinks --delete --cache-control max-age=604800 | |
env: | |
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_REGION: 'us-west-2' | |
SOURCE_DIR: '.' | |
DEST_DIR: "resume" | |
- name: Set up aws-cli | |
uses: hsupu/setup-awscli@v1 | |
- name: Set cache on S3 objects | |
run: | | |
ls | |
aws s3 cp s3://s3-website-joshbeard-me/resume/assets/ s3://s3-website-joshbeard-me/resume/assets/ --recursive --acl public-read --cache-control max-age=15552000 | |
for f in index.html Josh-Beard-Resume.pdf Josh-Beard-Resume.docx resume.txt resume-narrow.txt resume.json; do | |
aws s3 cp s3://${{ secrets.AWS_S3_BUCKET }}/resume/${f} s3://${{ secrets.AWS_S3_BUCKET }}/resume/ --acl public-read --cache-control max-age=604800 | |
done | |
env: | |
# https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: 'us-west-2' | |
- name: Invalidate CloudFront Cache | |
uses: chetan/invalidate-cloudfront-action@v2 | |
env: | |
DISTRIBUTION: ${{ secrets.CF_DISTRIBUTION }} | |
PATHS: "/resume*" | |
AWS_REGION: "us-east-1" | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |