privacyguides/privacyguides.org
1
0
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2025-07-02 17:42:39 +00:00
Code Issues Activity

Automated PR Testing (#2469)

Browse Source
This commit is contained in:
Jonah Aragon
2024-03-31 06:10:46 -05:00
committed by Daniel Gray
parent b536928661
commit 632761cae1
63 changed files with 471 additions and 867 deletions
Download Patch File Download Diff File Expand all files Collapse all files

113
.github/workflows/build-offline.yml vendored
View File

@ -1,113 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Build Offline Website
on:
workflow_call:
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
persist-credentials: 'false'
- uses: actions/download-artifact@v4
with:
pattern: repo-*
path: modules
- run: |
rmdir modules/mkdocs-material
mv modules/repo-mkdocs-material-insiders modules/mkdocs-material
rmdir theme/assets/brand
mv modules/repo-brand theme/assets/brand
- name: Python setup
uses: actions/setup-python@v5
with:
cache: 'pipenv'
- uses: actions/cache/restore@v4.0.2
with:
key: site-cache-${{ github.repository }}-en-${{ github.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
restore-keys: |
site-cache-${{ github.repository }}-en-${{ github.ref }}-
site-cache-${{ github.repository }}-en-
- name: Install Python dependencies
run: |
pip install pipenv
pipenv install
sudo apt install pngquant
- name: Build website
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CARDS: false
run: |
pipenv run mkdocs build --config-file config/mkdocs-offline.yml
pipenv run mkdocs --version
- name: Package website
run: |
tar -czvf offline.tar.gz site
zip -r -q offline.zip site
- uses: actions/cache/save@v4.0.2
with:
key: site-cache-${{ github.repository }}-en-${{ github.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
- name: Upload tar.gz file
uses: actions/upload-artifact@v4
with:
name: offline.tar.gz
path: offline.tar.gz
- name: Upload zip file
uses: actions/upload-artifact@v4
with:
name: offline.zip
path: offline.zip
- name: Create ZIM File
uses: addnab/docker-run-action@v3
with:
image: ghcr.io/openzim/zim-tools:3.1.3
options: -v ${{ github.workspace }}:/data
run: |
zimwriterfs -w index.html -I assets/brand/logos/png/square/pg-yellow.png -l eng -t "Privacy Guides" -d "Your central privacy and security resource to protect yourself online." -c "Privacy Guides" -p "Jonah Aragon" -n "Privacy Guides" -e "https://github.com/privacyguides/privacyguides.org" /data/site /data/offline-privacy_guides.zim
- name: Upload ZIM file
uses: actions/upload-artifact@v4
with:
name: offline-privacy_guides.zim
path: offline-privacy_guides.zim

136
.github/workflows/build.yml vendored
View File

@ -1,136 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Build Website
on:
workflow_call:
inputs:
ref:
required: true
type: string
repo:
required: true
type: string
lang:
type: string
default: en
context:
type: string
default: deploy-preview
continue-on-error:
type: boolean
default: true
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
continue-on-error: ${{ inputs.continue-on-error }}
permissions:
contents: read
steps:
- uses: actions/checkout@v4
with:
repository: ${{ inputs.repo }}
ref: ${{ inputs.ref }}
persist-credentials: 'false'
fetch-depth: 0
- uses: actions/download-artifact@v4
with:
pattern: repo-*
path: modules
- run: |
rmdir modules/mkdocs-material
mv modules/repo-mkdocs-material-insiders modules/mkdocs-material
rmdir theme/assets/brand
mv modules/repo-brand theme/assets/brand
- if: inputs.lang != 'en'
run: |
cp -rl modules/repo-i18n/i18n .
cp -rl modules/repo-i18n/includes .
cp -rl modules/repo-i18n/theme .
- uses: actions/setup-python@v5
with:
cache: 'pipenv'
- uses: actions/cache/restore@v4.0.2
with:
key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
restore-keys: |
site-cache-${{ inputs.repo }}-${{ inputs.ref }}-
site-cache-${{ inputs.repo }}-
- uses: actions/cache/restore@v4.0.2
with:
key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }}
path: |
config/.cache/plugin/social/manifest.json
config/.cache/plugin/social/assets
restore-keys: |
card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-
card-cache-${{ inputs.repo }}-${{ inputs.lang }}-
- run: |
pip install pipenv
pipenv install
sudo apt install pngquant
- if: inputs.lang != 'en'
uses: falti/dotenv-action@v1.1
with:
path: includes/strings.${{ inputs.lang }}.env
export-variables: true
keys-case: bypass
- env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CONTEXT: ${{ inputs.context }}
PRODUCTION: true
run: |
pipenv run mkdocs build --config-file config/mkdocs.${{ inputs.lang }}.yml
cp -r static/* site/
pipenv run mkdocs --version
tar -czvf site-build-${{ inputs.lang }}.tar.gz site
- uses: actions/cache/save@v4.0.2
with:
key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
- uses: actions/cache/save@v4.0.2
with:
key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }}
path: |
config/.cache/plugin/social/manifest.json
config/.cache/plugin/social/assets
- uses: actions/upload-artifact@v4
with:
name: site-build-${{ inputs.lang }}.tar.gz
path: site-build-${{ inputs.lang }}.tar.gz

33
.github/workflows/cleanup.yml vendored
View File

@ -1,33 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Cleanup Artifacts
on:
workflow_call:
jobs:
cleanup:
runs-on: ubuntu-latest
steps:
- uses: geekyeggo/delete-artifact@v5
with:
name: repo-*
failOnError: false

51
.github/workflows/deploy-all.yml vendored Normal file
View File

@ -0,0 +1,51 @@
name: Deploy Website Build
permissions:
contents: read
pages: write
id-token: write
on:
workflow_call:
inputs:
netlify_production:
type: boolean
default: true
github_pages:
type: boolean
default: true
minio_production:
type: boolean
default: true
outputs:
netlify_preview_address:
value: ${{ jobs.netlify.outputs.address }}
secrets:
NETLIFY_TOKEN:
PROD_MINIO_KEY_ID:
PROD_MINIO_SECRET_KEY:
jobs:
netlify:
if: inputs.netlify_production
uses: privacyguides/.github/.github/workflows/deploy-netlify.yml@main
with:
netlify_site_id: ${{ vars.PROD_NETLIFY_SITE }}
environment: production
secrets:
NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
minio:
if: inputs.minio_production
uses: privacyguides/.github/.github/workflows/deploy-minio.yml@main
with:
environment: production
secrets:
PROD_MINIO_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
PROD_MINIO_SECRET_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}
pages:
if: inputs.github_pages
uses: privacyguides/.github/.github/workflows/deploy-pages.yml@main
with:
environment: github-pages

237
.github/workflows/deploy.yml vendored
View File

@ -1,237 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Deploy Website Build
on:
workflow_call:
inputs:
netlify_preview:
type: boolean
netlify_alias:
type: string
netlify_production:
type: boolean
github_pages:
type: boolean
bunnycdn_production:
type: boolean
minio_production:
type: boolean
outputs:
netlify_preview_address:
value: ${{ jobs.netlify_preview.outputs.address }}
secrets:
NETLIFY_TOKEN:
PROD_BUNNYCDN_API_KEY:
PROD_BUNNYCDN_PASSWORD:
PROD_MINIO_KEY_ID:
PROD_MINIO_SECRET_KEY:
jobs:
netlify_preview:
if: inputs.netlify_preview
runs-on: ubuntu-latest
permissions:
contents: read
outputs:
address: ${{ steps.address.outputs.address }}
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
wget https://raw.githubusercontent.com/privacyguides/privacyguides.org/main/netlify.toml
ls -la site/
- uses: actions/setup-node@v4
- run: |
npm install netlify-cli -g
- if: inputs.netlify_preview
name: Limit length of Netlify alias to 12
run: echo "SHORT_ALIAS=`echo ${{ inputs.netlify_alias }} | cut -c1-12`" >> $GITHUB_ENV
- if: inputs.netlify_preview
id: deployment
env:
NETLIFY_SITE_ID: ${{ vars.NETLIFY_SITE }}
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
run: |
netlify deploy --dir=site --alias=${{ env.SHORT_ALIAS }}
echo "DEPLOYED_ADDRESS=https://${{ env.SHORT_ALIAS }}--${{ vars.NETLIFY_SITE }}.netlify.app/" >> "$GITHUB_ENV"
- id: address
run: |
echo "address=$DEPLOYED_ADDRESS" >> "$GITHUB_OUTPUT"
netlify_production:
if: inputs.netlify_production
runs-on: ubuntu-latest
permissions:
contents: read
environment:
name: production
url: https://illustrious-bavarois-56cf30.netlify.app/
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
wget https://raw.githubusercontent.com/privacyguides/privacyguides.org/main/netlify.toml
ls -la site/
- uses: actions/setup-node@v4
- run: |
npm install netlify-cli -g
- id: prod_deployment
env:
NETLIFY_SITE_ID: ${{ vars.PROD_NETLIFY_SITE }}
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
run: |
netlify deploy --dir=site --prod-if-unlocked
github_pages:
if: inputs.github_pages
runs-on: ubuntu-latest
concurrency:
group: "pages"
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
# Grant GITHUB_TOKEN the permissions required to make a Pages deployment
permissions:
contents: read
pages: write # to deploy to Pages
id-token: write # to verify the deployment originates from an appropriate source
steps:
- uses: actions/configure-pages@v5
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
ls -la site/
- uses: 1arp/create-a-file-action@0.4.4
with:
path: site
file: index.html
content: |
<html lang="en">
<head>
<title>Redirecting to English site...</title>
<meta
http-equiv="refresh"
content="0; URL=./en/"
/>
</head>
</html>
- uses: actions/upload-pages-artifact@v3
with:
path: site
- id: deployment
uses: actions/deploy-pages@main
bunnycdn_production:
if: inputs.bunnycdn_production
runs-on: ubuntu-latest
permissions:
contents: read
environment:
name: production
url: https://privacyguides-org-production.b-cdn.net
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
ls -la site/
- uses: own3d/bunny-action@bfaa5c6bc8b7a7ebd599ddd4912347d7c3847e78
env:
BUNNY_API_ACCESS_KEY: ${{ secrets.PROD_BUNNYCDN_API_KEY }}
BUNNY_STORAGE_HOSTNAME: storage.bunnycdn.com
BUNNY_STORAGE_USERNAME: ${{ vars.PROD_BUNNYCDN_USER }}
BUNNY_STORAGE_PASSWORD: ${{ secrets.PROD_BUNNYCDN_PASSWORD }}
BUNNY_PULL_ZONE_ID: 2117106
with:
args: deploy --dir=site
minio_production:
if: inputs.minio_production
runs-on: ubuntu-latest
permissions:
contents: read
environment:
name: production
url: https://privacyguides-org-production.stor1-minio.jonaharagon.net
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
ls -la site/
- uses: jakejarvis/s3-sync-action@master
with:
args: --acl public-read --follow-symlinks --delete
env:
SOURCE_DIR: "site/"
AWS_S3_BUCKET: ${{ vars.PROD_MINIO_BUCKET }}
AWS_S3_ENDPOINT: ${{ vars.PROD_MINIO_HOSTNAME }}
AWS_ACCESS_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}

48
.github/workflows/download-repo.yml vendored
View File

@ -1,48 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Download Repository
on:
workflow_call:
inputs:
repo:
required: true
type: string
secrets:
ACTIONS_SSH_KEY:
required: true
jobs:
download:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
repository: 'privacyguides/${{ inputs.repo }}'
path: repo-${{ inputs.repo }}
ssh-key: ${{ secrets.ACTIONS_SSH_KEY }}
- uses: actions/upload-artifact@v4
with:
name: repo-${{ inputs.repo }}
path: repo-${{ inputs.repo }}
retention-days: 1

5
.github/workflows/publish-mirror.yml vendored
View File

@ -20,7 +20,10 @@
name: 🪞 Push to Mirrors
on: [ push, delete, create ]
permissions:
contents: read
on: [push, delete, create]
# Ensures that only one mirror task will run at a time.
concurrency:

27
.github/workflows/publish-pr.yml vendored
View File

@ -18,7 +18,7 @@
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: 📦 Publish Pull Request Preview
name: 📦 PR Preview
on:
pull_request_target:
@ -30,17 +30,21 @@ concurrency:
permissions:
pull-requests: write
contents: read
pages: write
id-token: write
jobs:
submodule:
strategy:
matrix:
repo: [mkdocs-material-insiders, brand, i18n]
uses: ./.github/workflows/download-repo.yml
repo:
- name: mkdocs-material-insiders
ref: main
- name: brand
ref: main
- name: i18n
ref: main
uses: privacyguides/.github/.github/workflows/download-repo.yml@main
with:
repo: ${{ matrix.repo }}
repo: ${{ matrix.repo.name }}
secrets:
ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
@ -56,7 +60,7 @@ jobs:
fail-fast: false
permissions:
contents: read
uses: ./.github/workflows/build.yml
uses: privacyguides/.github/.github/workflows/build.yml@main
with:
ref: ${{github.event.pull_request.head.ref}}
repo: ${{github.event.pull_request.head.repo.full_name}}
@ -67,12 +71,10 @@ jobs:
needs: build
permissions:
contents: read
pages: write
id-token: write
uses: ./.github/workflows/deploy.yml
uses: privacyguides/.github/.github/workflows/deploy-netlify-preview.yml@main
with:
netlify_preview: true
netlify_alias: ${{ github.event.pull_request.head.sha }}
netlify_site_id: ${{ vars.NETLIFY_SITE }}
secrets:
NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
@ -84,7 +86,6 @@ jobs:
env:
address: ${{ needs.deploy.outputs.netlify_preview_address }}
steps:
- uses: thollander/actions-comment-pull-request@v2.5.0
with:
message: |
@ -99,4 +100,4 @@ jobs:
cleanup:
if: ${{ always() }}
needs: build
uses: ./.github/workflows/cleanup.yml
uses: privacyguides/.github/.github/workflows/cleanup.yml@main

17
.github/workflows/publish-release.yml vendored
View File

@ -18,12 +18,12 @@
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: 📦 Publish Release
name: 📦 Release
on:
push:
tags:
- '*'
- "*"
permissions:
contents: write
@ -35,7 +35,7 @@ jobs:
strategy:
matrix:
repo: [mkdocs-material-insiders, brand, i18n]
uses: ./.github/workflows/download-repo.yml
uses: privacyguides/.github/.github/workflows/download-repo.yml@main
with:
repo: ${{ matrix.repo }}
secrets:
@ -48,7 +48,7 @@ jobs:
lang: [en, es, fr, he, it, nl, ru, zh-Hant]
permissions:
contents: read
uses: ./.github/workflows/build.yml
uses: privacyguides/.github/.github/workflows/build.yml@main
with:
ref: ${{ github.ref }}
repo: ${{ github.repository }}
@ -60,7 +60,7 @@ jobs:
needs: submodule
permissions:
contents: read
uses: ./.github/workflows/build-offline.yml
uses: privacyguides/.github/.github/workflows/build-offline.yml@main
release:
name: Create release notes
@ -84,20 +84,17 @@ jobs:
deploy:
needs: build
uses: ./.github/workflows/deploy.yml
uses: ./.github/workflows/deploy-all.yml
with:
netlify_production: true
github_pages: true
bunnycdn_production: true
minio_production: true
secrets:
NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
PROD_BUNNYCDN_API_KEY: ${{ secrets.PROD_BUNNYCDN_API_KEY }}
PROD_BUNNYCDN_PASSWORD: ${{ secrets.PROD_BUNNYCDN_PASSWORD }}
PROD_MINIO_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
PROD_MINIO_SECRET_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}
cleanup:
if: ${{ always() }}
needs: [build, buildoffline]
uses: ./.github/workflows/cleanup.yml
uses: privacyguides/.github/.github/workflows/cleanup.yml@main

8
.github/workflows/test-build.yml vendored
View File

@ -31,7 +31,7 @@ jobs:
strategy:
matrix:
repo: [mkdocs-material-insiders, brand, i18n]
uses: ./.github/workflows/download-repo.yml
uses: privacyguides/.github/.github/workflows/download-repo.yml@main
with:
repo: ${{ matrix.repo }}
secrets:
@ -45,7 +45,7 @@ jobs:
fail-fast: false
permissions:
contents: read
uses: ./.github/workflows/build.yml
uses: privacyguides/.github/.github/workflows/build.yml@main
with:
ref: ${{ github.ref }}
repo: ${{ github.repository }}
@ -56,9 +56,9 @@ jobs:
needs: submodule
permissions:
contents: read
uses: ./.github/workflows/build-offline.yml
uses: privacyguides/.github/.github/workflows/build-offline.yml@main
cleanup:
if: ${{ always() }}
needs: [build, buildoffline]
uses: ./.github/workflows/cleanup.yml
uses: privacyguides/.github/.github/workflows/cleanup.yml@main

81
.github/workflows/test-lint.yml vendored Normal file
View File

@ -0,0 +1,81 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: 🤖 Linting
permissions:
contents: read
on:
workflow_dispatch:
pull_request:
branches:
- main
push:
concurrency:
group: ${{ github.ref }}-${{ github.workflow }}
cancel-in-progress: true
env:
MAIN_BRANCH: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
jobs:
megalinter:
name: MegaLinter
runs-on: ubuntu-latest
steps:
- if: ${{ env.MAIN_BRANCH }}
uses: actions/checkout@v4
- if: ${{ !env.MAIN_BRANCH }}
uses: actions/checkout@v4
with:
fetch-depth: 0
- id: ml
# You can override MegaLinter flavor used to have faster performances
# More info at https://megalinter.io/flavors/
uses: oxsecurity/megalinter/flavors/documentation@v7.10.0
env:
# All available variables are described in documentation
# https://megalinter.io/configuration/
# Validates all source when push on main, else just the git diff with main.
VALIDATE_ALL_CODEBASE: ${{ env.MAIN_BRANCH }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# ADD YOUR CUSTOM ENV VARIABLES HERE OR DEFINE THEM IN A FILE .mega-linter.yml AT THE ROOT OF YOUR REPOSITORY
DISABLE: COPYPASTE,SPELL,HTML
DISABLE_LINTERS: JSON_JSONLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER
DISABLE_ERRORS_LINTERS: CSS_STYLELINT,MARKDOWN_MARKDOWN_LINK_CHECK,YAML_YAMLLINT
EDITORCONFIG_EDITORCONFIG_CHECKER_ARGUMENTS: -disable-indentation
ENV_DOTENV_LINTER_ARGUMENTS: "--skip QuoteCharacter"
MARKDOWN_MARKDOWN_LINK_CHECK_FILTER_REGEX_INCLUDE: (docs)
MARKDOWN_MARKDOWNLINT_CONFIG_FILE: .markdownlint.yml
MARKDOWN_MARKDOWNLINT_FILTER_REGEX_EXCLUDE: (PULL_REQUEST_TEMPLATE\.md)
# Upload MegaLinter artifacts
- name: Archive production artifacts
if: success() || failure()
uses: actions/upload-artifact@v4
with:
name: MegaLinter reports
path: |
megalinter-reports
mega-linter.log

32
.github/workflows/upload-crowdin.yml vendored
View File

@ -20,10 +20,13 @@
name: 💬 Crowdin Upload
permissions:
contents: read
on:
workflow_dispatch:
push:
branches: [ main ]
branches: [main]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
@ -34,18 +37,17 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Checkout
uses: actions/checkout@v4
- name: crowdin action
uses: crowdin/github-action@v1.20.1
with:
upload_sources: true
upload_sources_args: '--auto-update --delete-obsolete'
download_translations: false
config: crowdin.yml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }}
CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
- name: crowdin action
uses: crowdin/github-action@v1.20.1
with:
upload_sources: true
upload_sources_args: "--auto-update --delete-obsolete"
download_translations: false
config: crowdin.yml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }}
CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}