privacyguides/privacyguides.org
1
0
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2025-07-02 17:42:39 +00:00
Code Issues Activity

Remove per-language config files (#2513)

Browse Source
This commit is contained in:
Jonah Aragon
2024-04-10 15:18:32 -05:00
parent 1acdf1748f
commit 775ff52b14
27 changed files with 468 additions and 527 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/workflows/build-container.yml vendored
View File

@ -1,4 +1,3 @@
#
name: ☁️ Build Container
# Configures this workflow to run every time a change is pushed to the branch called `release`.

116
.github/workflows/build-pr.yml vendored Normal file
View File

@ -0,0 +1,116 @@
name: 🛠️ Build PR Preview
on:
pull_request:
concurrency:
group: ${{github.event.pull_request.head.ref}}
cancel-in-progress: true
permissions:
contents: read
jobs:
metadata:
runs-on: ubuntu-latest
outputs:
submodules: ${{ steps.submodules-fork.outputs.submodules || steps.submodules-main.outputs.submodules }}
privileged: ${{ steps.submodules-fork.outputs.privileged || steps.submodules-main.outputs.privileged }}
env:
ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
steps:
- name: Set submodules for fork
if: env.ACTIONS_SSH_KEY == ''
id: submodules-fork
run: |
echo 'submodules={"repo":["brand","i18n"]}' >> "$GITHUB_OUTPUT"
echo "privileged=false" >> "$GITHUB_OUTPUT"
- name: Set submodules for main repo
if: env.ACTIONS_SSH_KEY != ''
id: submodules-main
run: |
echo 'submodules={"repo":["brand","i18n","mkdocs-material-insiders"]}' >> "$GITHUB_OUTPUT"
echo "privileged=true" >> "$GITHUB_OUTPUT"
- name: Save PR metadata
run: |
mkdir -p ./metadata
echo ${{ github.event.number }} > ./metadata/NR
echo ${{ github.event.pull_request.head.sha }} > ./metadata/SHA
- name: Upload metadata as artifact
uses: actions/upload-artifact@v4
with:
name: metadata
path: metadata
submodule:
needs: metadata
strategy:
matrix: ${{ fromJson(needs.metadata.outputs.submodules) }}
uses: privacyguides/.github/.github/workflows/download-repo.yml@main
with:
repo: ${{ matrix.repo }}
privileged: ${{ fromJSON(needs.metadata.outputs.privileged) }}
secrets:
ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
build_english:
needs: [submodule, metadata]
strategy:
matrix:
lang: [en]
fail-fast: true
uses: ./.github/workflows/build.yml
with:
ref: ${{github.event.pull_request.head.ref}}
repo: ${{github.event.pull_request.head.repo.full_name}}
lang: en
continue-on-error: false
privileged: ${{ fromJSON(needs.metadata.outputs.privileged) }}
build_i18n:
if: ${{ contains(github.event.pull_request.labels.*.name, 'ci:build i18n') }}
needs: [submodule, metadata]
strategy:
matrix:
lang: [es, fr, he, it, nl, ru, zh-Hant]
fail-fast: false
uses: ./.github/workflows/build.yml
with:
ref: ${{github.event.pull_request.head.ref}}
repo: ${{github.event.pull_request.head.repo.full_name}}
lang: ${{ matrix.lang }}
continue-on-error: true
privileged: ${{ fromJSON(needs.metadata.outputs.privileged) }}
combine_build:
needs: [build_english, build_i18n]
if: |
(always() && !cancelled() && !failure()) &&
needs.build_english.result == 'success' &&
(needs.build_i18n.result == 'success' || needs.build_i18n.result == 'skipped')
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
ls -la site/
- name: Upload Site
uses: actions/upload-artifact@v4
with:
name: site-build-combined
path: site
retention-days: 5
cleanup:
if: ${{ always() }}
needs: [build_english, build_i18n]
uses: privacyguides/.github/.github/workflows/cleanup.yml@main

237
.github/workflows/build.yml vendored
View File

@ -1,4 +1,4 @@
name: Build Website
name: 🛠️ Build Website
on:
workflow_call:
@ -21,6 +21,9 @@ on:
continue-on-error:
type: boolean
default: true
privileged:
type: boolean
default: true
permissions:
contents: read
@ -33,104 +36,242 @@ jobs:
contents: read
steps:
- run: |
- name: Add GitHub Token to Environment
run: |
echo "GH_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> "$GITHUB_ENV"
- if: inputs.config == 'build'
- name: Set Metadata
if: inputs.config == 'build'
run: |
{
echo "MKDOCS_INHERIT=mkdocs-production.yml"
echo "BUILD_CONTEXT=${{ inputs.context }}"
echo "BUILD_EDIT_URI_TEMPLATE=blob/main/docs/{path}?plain=1"
echo "BUILD_REPO_URL=https://github.com/privacyguides/privacyguides.org"
echo "PRODUCTION=true"
echo "CONTEXT=${{ inputs.context }}"
} >> "$GITHUB_ENV"
- if: inputs.config == 'offline'
run: |
echo "MKDOCS_INHERIT=mkdocs-offline.yml" >> "$GITHUB_ENV"
echo "CARDS=false" >> "$GITHUB_ENV"
- name: Set Metadata for Privileged Builds
if: inputs.privileged
run: echo "BUILD_INSIDERS=true" >> "$GITHUB_ENV"
- uses: actions/checkout@v4
- name: Set Metadata for Offline Mode
if: inputs.config == 'offline'
run: |
{
echo "BUILD_EDIT_URI_TEMPLATE=''"
echo "BUILD_OFFLINE=true"
echo "BUILD_REPO_URL=''"
echo "CARDS=false"
echo "HOMEPAGE_BUTTON_GET_STARTED_LINK=basics/why-privacy-matters.html"
echo "HOMEPAGE_BUTTON_TOOLS_LINK=tools.html"
} >> "$GITHUB_ENV"
- name: Set Metadata for Translations
if: inputs.lang != 'en'
run: |
{
echo "BUILD_ABBREVIATIONS=includes/abbreviations.${{ inputs.lang }}.txt"
echo "BUILD_DOCS_DIR=i18n/${{ inputs.lang }}"
echo "BUILD_EDIT_URI_TEMPLATE=https://github.com/privacyguides/i18n/blob/main/i18n/${{ inputs.lang }}/{path}?plain=1"
echo "BUILD_SITE_DIR=site/${{ inputs.lang }}"
echo "BUILD_SITE_URL=https://privacyguides.org/${{ inputs.lang }}"
echo "BUILD_THEME_LANGUAGE=${{ inputs.lang }}"
} >> "$GITHUB_ENV"
- name: Set Metadata for Hebrew Translation
if: inputs.lang == 'he'
run: |
{
echo "BUILD_THEME_FONT_CODE=Cousine"
echo "BUILD_THEME_FONT_TEXT=Open Sans"
echo "TRANSLATION_STYLESHEET=assets/stylesheets/lang-${{ inputs.lang }}.css?v=20240410"
} >> "$GITHUB_ENV"
- name: Set Metadata for Russian Translation
if: inputs.lang == 'ru'
run: |
{
echo "TRANSLATION_STYLESHEET=assets/stylesheets/lang-${{ inputs.lang }}.css?v=20240410"
} >> "$GITHUB_ENV"
- name: Set Metadata for Chinese (Traditional) Translation
if: inputs.lang == 'zh-Hant'
run: |
{
echo "BUILD_THEME_FONT_CODE=Noto Sans TC"
echo "BUILD_THEME_FONT_TEXT=Noto Sans TC"
echo "TRANSLATION_STYLESHEET=assets/stylesheets/lang-${{ inputs.lang }}.css?v=20240410"
} >> "$GITHUB_ENV"
- name: Download Repository
uses: actions/checkout@v4
with:
repository: ${{ inputs.repo }}
ref: ${{ inputs.ref }}
persist-credentials: "false"
fetch-depth: 0
- uses: actions/download-artifact@v4
- name: Download Submodules
uses: actions/download-artifact@v4
with:
pattern: repo-*
path: modules
- run: |
- name: Move mkdocs-material-insiders to mkdocs-material
if: inputs.privileged
run: |
rmdir modules/mkdocs-material
mv modules/repo-mkdocs-material-insiders modules/mkdocs-material
- name: Move brand submodule to theme/assets/brand
run: |
rmdir theme/assets/brand
mv modules/repo-brand theme/assets/brand
- if: inputs.lang != 'en'
- name: Copy Translation Files
if: inputs.lang != 'en'
run: |
cp -rl modules/repo-i18n/i18n .
cp -rl modules/repo-i18n/includes .
cp -rl modules/repo-i18n/theme .
- uses: actions/setup-python@v5
- name: Install Python
uses: actions/setup-python@v5
with:
cache: "pipenv"
- uses: actions/cache/restore@v4.0.2
id: site_cache_restore
- name: Restore Privacy Plugin Cache
uses: actions/cache/restore@v4.0.2
id: privacy_cache_restore
with:
key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
restore-keys: |
site-cache-${{ inputs.repo }}-${{ inputs.ref }}-
site-cache-${{ inputs.repo }}-
- uses: actions/cache/restore@v4.0.2
id: card_cache_restore
with:
key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }}
key: privacy-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/privacy/**') }}
path: |
config/.cache/plugin/social/manifest.json
config/.cache/plugin/social/assets
.cache/plugin/privacy
restore-keys: |
card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-
card-cache-${{ inputs.repo }}-${{ inputs.lang }}-
privacy-cache-${{ inputs.repo }}-
privacy-cache-privacyguides/privacyguides.org-
privacy-cache-
- run: |
- name: Restore Social Plugin Cache
uses: actions/cache/restore@v4.0.2
id: social_cache_restore
with:
key: social-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ hashfiles('.cache/plugin/social/manifest.json') }}
path: |
.cache/plugin/social/manifest.json
.cache/plugin/social/assets
restore-keys: |
social-cache-${{ inputs.repo }}-${{ inputs.lang }}-
social-cache-privacyguides/privacyguides.org-${{ inputs.lang }}-
- name: Restore Optimize Plugin Cache
uses: actions/cache/restore@v4.0.2
id: optimize_cache_restore
with:
key: optimize-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/optimize/manifest.json') }}
path: |
.cache/plugin/optimize
restore-keys: |
optimize-cache-${{ inputs.repo }}-
optimize-cache-privacyguides/privacyguides.org-
optimize-cache-
- name: Install Python Dependencies
if: inputs.privileged
run: |
pip install pipenv
pipenv install
sudo apt install pngquant
- uses: falti/dotenv-action@v1.1
- name: Install Python Dependencies (Unprivileged)
if: ${{ !inputs.privileged }}
run: |
pip install mkdocs-material
sudo apt install pngquant
- name: Set Translated String Environment Variables
uses: falti/dotenv-action@v1.1
with:
path: includes/strings.${{ inputs.lang }}.env
export-variables: true
keys-case: bypass
- run: |
pipenv run mkdocs build --config-file config/mkdocs.${{ inputs.lang }}.yml
- name: Build Website
if: inputs.privileged
run: |
pipenv run mkdocs build --config-file mkdocs-production.yml
pipenv run mkdocs --version
tar -czvf site-${{ inputs.config }}-${{ inputs.lang }}.tar.gz site
- uses: actions/cache/save@v4.0.2
if: steps.site_cache_restore.outputs.cache-hit != 'true'
with:
key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
- name: Build Website (Unprivileged)
if: ${{ !inputs.privileged }}
run: |
mkdocs build
mkdocs --version
- uses: actions/cache/save@v4.0.2
if: steps.card_cache_restore.outputs.cache-hit != 'true'
- name: Package Website
run: |
tar -czf site-${{ inputs.config }}-${{ inputs.lang }}.tar.gz site
- name: Find Privacy Plugin Cache
uses: actions/cache/restore@v4.0.2
if: steps.privacy_cache_restore.outputs.cache-hit != 'true'
id: privacy_cache_test
with:
key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }}
key: privacy-cache-privacyguides/privacyguides.org-${{ hashfiles('.cache/plugin/privacy/**') }}
lookup-only: true
path: |
config/.cache/plugin/social/manifest.json
config/.cache/plugin/social/assets
.cache/plugin/privacy
- uses: actions/upload-artifact@v4
- name: Find Social Plugin Cache
uses: actions/cache/restore@v4.0.2
if: steps.social_cache_restore.outputs.cache-hit != 'true'
id: social_cache_test
with:
key: social-cache-privacyguides/privacyguides.org-${{ inputs.lang }}-${{ hashfiles('.cache/plugin/social/manifest.json') }}
lookup-only: true
path: |
.cache/plugin/social/manifest.json
.cache/plugin/social/assets
- name: Find Optimize Plugin Cache
uses: actions/cache/restore@v4.0.2
if: steps.optimize_cache_restore.outputs.cache-hit != 'true'
id: optimize_cache_test
with:
key: optimize-cache-privacyguides/privacyguides.org-${{ hashfiles('.cache/plugin/optimize/manifest.json') }}
lookup-only: true
path: |
.cache/plugin/optimize
- name: Save Privacy Plugin Cache
uses: actions/cache/save@v4.0.2
if: steps.privacy_cache_test.outputs.cache-hit != 'true'
with:
key: privacy-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/privacy/**') }}
path: .cache/plugin/privacy
- name: Save Social Plugin Cache
uses: actions/cache/save@v4.0.2
if: steps.social_cache_test.outputs.cache-hit != 'true'
with:
key: social-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ hashfiles('.cache/plugin/social/manifest.json') }}
path: |
.cache/plugin/social/manifest.json
.cache/plugin/social/assets
- name: Save Optimize Plugin Cache
uses: actions/cache/save@v4.0.2
if: steps.optimize_cache_test.outputs.cache-hit != 'true'
with:
key: optimize-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/optimize/manifest.json') }}
path: .cache/plugin/optimize
- name: Upload Site
uses: actions/upload-artifact@v4
with:
name: site-${{ inputs.config }}-${{ inputs.lang }}.tar.gz
path: site-${{ inputs.config }}-${{ inputs.lang }}.tar.gz
retention-days: 1
offline_package:
if: inputs.config == 'offline' && inputs.lang == 'en'
@ -146,8 +287,8 @@ jobs:
name: site-offline-en.tar.gz
- run: |
tar -xzvf site-offline-en.tar.gz
tar -czvf offline.tar.gz site/en
tar -xzf site-offline-en.tar.gz
tar -czf offline.tar.gz site/en
zip -r -q offline.zip site/en
- name: Upload tar.gz file

153
.github/workflows/publish-pr.yml vendored
View File

@ -1,79 +1,100 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: 📦 PR Preview
on:
pull_request_target:
concurrency:
group: ${{github.event.pull_request.head.ref}}
cancel-in-progress: true
workflow_run:
workflows: [🛠️ Build PR Preview]
types:
- completed
permissions:
pull-requests: write
actions: read
contents: read
pull-requests: write
jobs:
submodule:
strategy:
matrix:
repo:
- name: mkdocs-material-insiders
ref: main
- name: brand
ref: main
- name: i18n
ref: main
uses: privacyguides/.github/.github/workflows/download-repo.yml@main
with:
repo: ${{ matrix.repo.name }}
secrets:
ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
metadata:
if: >
github.event.workflow_run.event == 'pull_request' &&
github.event.workflow_run.conclusion == 'success'
build:
needs: submodule
strategy:
matrix:
lang: [es, fr, he, it, nl, ru, zh-Hant]
allow-error: [true]
include:
- lang: en
allow-error: false
fail-fast: false
permissions:
contents: read
uses: ./.github/workflows/build.yml
with:
ref: ${{github.event.pull_request.head.ref}}
repo: ${{github.event.pull_request.head.repo.full_name}}
lang: ${{ matrix.lang }}
continue-on-error: ${{ matrix.allow-error }}
runs-on: ubuntu-latest
outputs:
pr_number: ${{ steps.metadata.outputs.pr_number }}
sha: ${{ steps.metadata.outputs.sha }}
steps:
- name: Download Website Build Artifact
uses: actions/github-script@v7.0.1
with:
script: |
var artifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: ${{github.event.workflow_run.id }},
});
var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
return artifact.name == "site-build-combined"
})[0];
var download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
archive_format: 'zip',
});
var fs = require('fs');
fs.writeFileSync('${{github.workspace}}/site-build-combined.zip', Buffer.from(download.data));
- name: Unpack Website
run: |
mkdir -p site
unzip site-build-combined.zip -d site
tar -czvf site-build-combined.tar.gz site
- name: Upload Combined Build Artifact
uses: actions/upload-artifact@v4
with:
name: site-build-combined.tar.gz
path: site-build-combined.tar.gz
retention-days: 5
- name: Download Metadata Artifact
uses: actions/github-script@v7.0.1
with:
script: |
var artifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: ${{github.event.workflow_run.id }},
});
var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
return artifact.name == "metadata"
})[0];
var download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
archive_format: 'zip',
});
var fs = require('fs');
fs.writeFileSync('${{github.workspace}}/metadata.zip', Buffer.from(download.data));
- name: Set Metadata
id: metadata
run: |
mkdir -p metadata
unzip metadata.zip -d metadata
echo "pr_number=$(cat metadata/NR)" >> "$GITHUB_OUTPUT"
echo "sha=$(cat metadata/SHA)" >> "$GITHUB_OUTPUT"
deploy:
needs: build
needs: metadata
permissions:
contents: read
uses: privacyguides/webserver/.github/workflows/deploy-netlify-preview.yml@main
with:
netlify_alias: ${{ github.event.pull_request.head.sha }}
netlify_alias: ${{ needs.metadata.outputs.pr_number }}
netlify_site_id: ${{ vars.NETLIFY_SITE }}
secrets:
NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
@ -81,23 +102,19 @@ jobs:
comment:
permissions:
pull-requests: write
needs: deploy
needs: [deploy, metadata]
runs-on: ubuntu-latest
env:
address: ${{ needs.deploy.outputs.address }}
steps:
- uses: thollander/actions-comment-pull-request@v2.5.0
with:
pr_number: ${{ needs.metadata.outputs.pr_number }}
message: |
### <span aria-hidden="true">✅</span> Your preview is ready!
| Name | Link |
| :---: | ---- |
| <span aria-hidden="true">🔨</span> Latest commit | ${{ github.event.pull_request.head.sha }} |
| <span aria-hidden="true">🔨</span> Latest commit | ${{ needs.metadata.outputs.sha }} |
| <span aria-hidden="true">😎</span> Preview | ${{ env.address }} |
comment_tag: deployment
cleanup:
if: ${{ always() }}
needs: build
uses: privacyguides/.github/.github/workflows/cleanup.yml@main

2
.github/workflows/test-build.yml vendored
View File

@ -41,7 +41,7 @@ jobs:
needs: submodule
strategy:
matrix:
lang: [en, es, fr, he, it, nl, ru, zh-Hant]
lang: [en, fr, he]
build: [build, offline]
fail-fast: false
permissions: