Pin down action to full-length commit SHA and sign-off automated commit #45
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build & Deploy Docusaurus Site | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| workflow_dispatch: | |
| inputs: | |
| target: | |
| description: "Deploy target" | |
| required: true | |
| default: "gh" | |
| type: choice | |
| options: | |
| - gh | |
| - dreamhost | |
| permissions: | |
| contents: read | |
| pages: write | |
| id-token: write | |
| jobs: | |
| build: | |
| name: Build site | |
| runs-on: ubuntu-latest | |
| outputs: | |
| deploy_target: ${{ steps.set-target.outputs.target }} | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Set deploy target | |
| id: set-target | |
| run: | | |
| if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then | |
| echo "target=${{ inputs.target }}" >> $GITHUB_OUTPUT | |
| else | |
| echo "target=gh" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Setup Node | |
| uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f #v6.3.0 | |
| with: | |
| node-version: 20 | |
| cache: npm | |
| cache-dependency-path: website/package-lock.json | |
| - name: Install dependencies | |
| run: | | |
| cd website | |
| npm ci | |
| - name: Build Docusaurus site | |
| env: | |
| DEPLOY_TARGET: ${{ steps.set-target.outputs.target }} | |
| run: | | |
| cd website | |
| npm run build | |
| - name: Upload build artifact | |
| uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 | |
| with: | |
| name: docusaurus-build | |
| path: website/build | |
| deploy-gh-pages: | |
| name: Deploy to GitHub Pages | |
| needs: build | |
| if: | | |
| needs.build.outputs.deploy_target == 'gh' && | |
| github.event_name != 'pull_request' | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: github-pages | |
| steps: | |
| - name: Download build artifact | |
| uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 | |
| with: | |
| name: docusaurus-build | |
| path: build | |
| - name: Upload Pages artifact | |
| uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b #v4.0.0 | |
| with: | |
| path: build | |
| - name: Deploy to GitHub Pages | |
| uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e #v4.0.5 | |
| deploy-dreamhost: | |
| name: Deploy to DreamHost | |
| needs: build | |
| if: | | |
| needs.build.outputs.deploy_target == 'dreamhost' && | |
| github.event_name != 'pull_request' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download build artifact | |
| uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 | |
| with: | |
| name: docusaurus-build | |
| path: build | |
| - name: Setup SSH | |
| run: | | |
| mkdir -p ~/.ssh | |
| echo "${{ secrets.DREAMHOST_SSH_KEY }}" > ~/.ssh/id_rsa | |
| chmod 600 ~/.ssh/id_rsa | |
| ssh-keyscan -H ${{ secrets.DREAMHOST_HOST }} >> ~/.ssh/known_hosts | |
| - name: Deploy via rsync | |
| run: | | |
| rsync -avz --delete build/ \ | |
| ${{ secrets.DREAMHOST_USER }}@${{ secrets.DREAMHOST_HOST }}:${{ secrets.DREAMHOST_PATH }}/ |