From 12e195fb2bfd142227a2bfae983c1a762c19e6cf Mon Sep 17 00:00:00 2001 From: TrebledJ <39648915+TrebledJ@users.noreply.github.com> Date: Wed, 22 Nov 2023 19:09:51 +0800 Subject: [PATCH] chore: workflows --- .github/workflows/automerge.yml | 43 +++++++++++++ .github/workflows/build.yml | 105 ++++++++++++++++++++++++++++++++ .github/workflows/deploy.yml | 64 +++++++++---------- 3 files changed, 180 insertions(+), 32 deletions(-) create mode 100644 .github/workflows/automerge.yml create mode 100644 .github/workflows/build.yml diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml new file mode 100644 index 000000000..8528b5bbe --- /dev/null +++ b/.github/workflows/automerge.yml @@ -0,0 +1,43 @@ +# https://nicolasiensen.github.io/2022-07-23-automating-dependency-updates-with-dependabot-github-auto-merge-and-github-actions/ + +name: Dependabot Reviewer + +on: pull_request_target + +permissions: + pull-requests: write + contents: write + +jobs: + review-dependabot-pr: + runs-on: ubuntu-latest + if: ${{ github.event.pull_request.user.login == 'dependabot' }} + steps: + - name: Dependabot metadata + id: dependabot-metadata + uses: dependabot/fetch-metadata@v1.3.1 + - name: Enable auto-merge for Dependabot PRs + run: gh pr merge --auto --merge "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + - name: Approve patch and minor updates + if: ${{steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch' || steps.dependabot-metadata.outputs.update-type == 'version-update:semver-minor'}} + run: gh pr review $PR_URL --approve -b "This pull request is **automatically approved** because it includes a **patch or minor update**." + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + - name: Approve major updates of development dependencies + if: ${{steps.dependabot-metadata.outputs.update-type == 'version-update:semver-major' && steps.dependabot-metadata.outputs.dependency-type == 'direct:development'}} + run: gh pr review $PR_URL --approve -b "This pull request is **automatically approved** because it includes a **major update of a dependency used only in development**." + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + - name: Comment on major updates of non-development dependencies + if: ${{steps.dependabot-metadata.outputs.update-type == 'version-update:semver-major' && steps.dependabot-metadata.outputs.dependency-type == 'direct:production'}} + run: | + gh pr comment $PR_URL --body "This pull request is ***not* automatically approved** because it includes a **major update of a dependency used in production**." + gh pr edit $PR_URL --add-label "requires-manual-qa" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} \ No newline at end of file diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 000000000..f2630cd52 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,105 @@ + +# Build (without deploying) an Eleventy site to a local site branch (for further workflow automation) +# See deploy.yml for a build + deploy to GitHub Pages workflow. +name: Build Eleventy Site + +on: + # Runs on pushes targeting the default branch + push: + # branches: master + paths: + - '**' + - '!.gitignore' + - '!*.md' + - '!LICENSE' + - '!.eslintignore' + - '!.eslintrc.yml' + - '!.github/**' + - '!.lycheeignore' + - '!.vscode/**' + - '!archive/**' + - '!scripts/**' + - '!ust/**' + + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages +permissions: + contents: write + pages: write + id-token: write + +# Allow one concurrent deployment +concurrency: + group: "pages" + cancel-in-progress: true + +jobs: + # Build job + build: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 # Fetch all commit history. + + - name: Detect Package Manager + id: detect-package-manager + run: | + if [ -f "${{ github.workspace }}/yarn.lock" ]; then + echo "manager=yarn" >> $GITHUB_OUTPUT + echo "command=install" >> $GITHUB_OUTPUT + exit 0 + elif [ -f "${{ github.workspace }}/package.json" ]; then + echo "manager=npm" >> $GITHUB_OUTPUT + echo "command=ci" >> $GITHUB_OUTPUT + exit 0 + else + echo "Unable to determine packager manager" + exit 1 + fi + + - name: Setup Node + uses: actions/setup-node@v4 + with: + node-version: 16 + cache: ${{ steps.detect-package-manager.outputs.manager }} + + - name: Setup Pages + uses: actions/configure-pages@v3 + - name: Restore cache + uses: actions/cache@v3 + with: + path: | + .cache + .eleventy/cache + # Generate a new cache whenever packages or source files change. + key: ${{ runner.os }}-eleventy-${{ hashFiles('**/package-lock.json', '**/yarn.lock') }}-${{ hashFiles('**.[jt]s', '**.[jt]sx') }} + # If source files changed but packages didn't, rebuild from a prior cache. + restore-keys: | + ${{ runner.os }}-eleventy-${{ hashFiles('**/package-lock.json', '**/yarn.lock') }}- + + - name: Install Dependencies + run: ${{ steps.detect-package-manager.outputs.manager }} ${{ steps.detect-package-manager.outputs.command }} + + - name: Build + run: ${{ steps.detect-package-manager.outputs.manager }} run prod + + - name: Commit & Push Site Build + uses: stefanzweifel/git-auto-commit-action@v5 + with: + commit_message: Build site from GitHub Actions + branch: site + create_branch: true + + file_pattern: '_site/** .lycheeignore' + + commit_options: '--no-verify --signoff' + add_options: '-f' + push_options: '--force' + + skip_checkout: true + skip_dirty_check: true + skip_fetch: true diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b151e5c78..d675c01f3 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -3,21 +3,21 @@ name: Deploy Eleventy Site to Pages on: # Runs on pushes targeting the default branch - push: - branches: master - paths: - - '**' - - '!.gitignore' - - '!*.md' - - '!LICENSE' - - '!.eslintignore' - - '!.eslintrc.yml' - - '!.github/**' - - '!.lycheeignore' - - '!.vscode/**' - - '!archive/**' - - '!scripts/**' - - '!ust/**' + # push: + # branches: master + # paths: + # - '**' + # - '!.gitignore' + # - '!*.md' + # - '!LICENSE' + # - '!.eslintignore' + # - '!.eslintrc.yml' + # - '!.github/**' + # - '!.lycheeignore' + # - '!.vscode/**' + # - '!archive/**' + # - '!scripts/**' + # - '!ust/**' # Allows you to run this workflow manually from the Actions tab workflow_dispatch: @@ -102,20 +102,20 @@ jobs: skip_dirty_check: true skip_fetch: true - # - name: Upload Artifact - # uses: actions/upload-pages-artifact@v2 - # with: - # path: ./_site - - # # Deployment job - # deploy: - # environment: - # name: github-pages - # # url: ${{ steps.deployment.outputs.page_url }} - # # url: trebledj.github.io - # runs-on: ubuntu-latest - # needs: build - # steps: - # - name: Deploy to GitHub Pages - # id: deployment - # uses: actions/deploy-pages@v2 \ No newline at end of file + - name: Upload Artifact + uses: actions/upload-pages-artifact@v2 + with: + path: ./_site + + # Deployment job + deploy: + environment: + name: github-pages + # url: ${{ steps.deployment.outputs.page_url }} + # url: trebledj.github.io + runs-on: ubuntu-latest + needs: build + steps: + - name: Deploy to GitHub Pages + id: deployment + uses: actions/deploy-pages@v2 \ No newline at end of file