my adds for today #1499
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Deploy | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
jobs: | |
Build: | |
runs-on: ubuntu-latest | |
env: | |
BUILD_DIR: /home/runner/work/buddhist-uni.github.io/jekyll_build | |
steps: | |
- name: Checkout the Code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Check Filenames and Headers | |
shell: bash | |
run: | | |
whitelist=( | |
"ACKNOWLEDGEMENTS.md" | |
"CNAME" | |
"COLLECTION_POLICY.md" | |
"CONTRIBUTING.md" | |
"CONTRIBUTORS.md" | |
"README.md" | |
"README.txt" | |
"Gemfile" | |
"Gemfile.lock" | |
"cssCacheToken.yml" | |
".gitignore" | |
) | |
invalid_files=() | |
exit_code=0 | |
readarray -t tracked_files < <(git diff-tree --no-commit-id --diff-filter=d --diff-merges=1 --name-only -r HEAD) | |
for file in "${tracked_files[@]}"; do | |
if [[ -f "$file" ]]; then | |
filename=$(basename "$file") | |
# Check if file is whitelisted | |
if [[ " ${whitelist[@]} " =~ " $filename " ]]; then | |
continue | |
fi | |
echo "Checking $file..." | |
if ! grep -qE '^[+0-9a-z_\.-]+\.(bash|bib|code-workspace|gitignore|html|ico|js|json|liquid|md|png|py|rb|scss|sh|svg|txt|webmanifest|xml|yaml|yml)$' <<< "$filename"; then | |
invalid_files+=("$file") | |
fi | |
if [[ "${file: -3}" == ".md" ]]; then | |
first_bytes=$(xxd -p -l 4 "$file") # Read the first 4 bytes in hexadecimal format | |
if [[ $first_bytes != "2d2d2d0a" ]]; then | |
echo "Invalid header in file: $file" | |
exit_code=1 | |
fi | |
fi | |
fi | |
done | |
if [[ ${#invalid_files[@]} -gt 0 ]]; then | |
echo "Invalid characters found in the following files:" | |
for file in "${invalid_files[@]}"; do | |
echo "$file" | |
done | |
exit 1 | |
else | |
echo "All files have valid names." | |
exit $exit_code | |
fi | |
- name: Download prod build | |
uses: dawidd6/action-download-artifact@master | |
with: | |
workflow: build.yaml | |
branch: main | |
name: github-pages | |
path: prod | |
- name: Prepare olid cover images | |
run: | | |
cd $GITHUB_WORKSPACE/prod | |
tar -xf artifact.tar | |
cd assets/imgs | |
mkdir -p covers | |
mv covers/ "$GITHUB_WORKSPACE/assets/imgs/" | |
cd $GITHUB_WORKSPACE | |
rm -rf prod | |
if git show | grep -q "olid: "; then | |
cd scripts | |
pip install titlecase pyyaml python-frontmatter | |
python dl-book-covers.py | |
else | |
echo "The previous commit didn't touch any olid's, so short-circuiting the download script" | |
fi | |
- name: Install node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18.16 | |
cache: 'npm' | |
cache-dependency-path: 'package-lock.json' | |
- run: npm ci | |
- run: bash ./scripts/install-deps.bash | |
- name: Install build requirements | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 3.3 | |
bundler-cache: true | |
- name: Build the site | |
run: | | |
mkdir $BUILD_DIR | |
export RUBYOPT="--enable=yjit" | |
ruby --version | |
JEKYLL_ENV=production bundle exec jekyll build -d $BUILD_DIR --trace | |
- name: Purge CSS | |
run: | | |
npx purgecss -v --content "$BUILD_DIR/**/*.html" "$BUILD_DIR/assets/js/*.js" --css $BUILD_DIR/assets/css/main.css -o $BUILD_DIR/assets/css/purged-main.css | |
test -s $BUILD_DIR/assets/css/purged-main.css | |
- name: Upload Build as Artifact | |
uses: actions/upload-pages-artifact@v3 | |
with: | |
path: ${{ env.BUILD_DIR }} | |
retention-days: 62 | |
Deploy: | |
runs-on: ubuntu-latest | |
needs: Build | |
permissions: | |
pages: write | |
id-token: write | |
environment: | |
name: github-pages | |
url: ${{ steps.deployment.outputs.page_url }} | |
steps: | |
- name: Deploy the Artifact to GitHub Pages | |
id: deployment | |
uses: actions/deploy-pages@v4 | |
- name: Invalidate the CloudFlare Cache | |
shell: bash | |
run: | | |
echo "Hitting the CloudFlare API..." | |
HTTP_RESPONSE=$(curl -sSX POST "https://api.cloudflare.com/client/v4/zones/${{ secrets.CF_ZONE }}/purge_cache" -H "Authorization: Bearer ${{ secrets.CF_API_TOKEN }}" -H "Content-Type:application/json" -w "HTTP_STATUS:%{http_code}" --data '{"purge_everything":true}') | |
HTTP_BODY=$(echo "${HTTP_RESPONSE}" | sed -E 's/HTTP_STATUS\:[0-9]{3}$//') | |
HTTP_STATUS=$(echo "${HTTP_RESPONSE}" | tr -d '\n' | sed -E 's/.*HTTP_STATUS:([0-9]{3})$/\1/') | |
if [ "${HTTP_STATUS}" -eq "200" ]; then | |
SUCCESS=$(echo ${HTTP_BODY} | python3 -c "import sys, json;print(json.load(sys.stdin)['success'])") | |
if [ "${SUCCESS}" = "True" ]; then | |
echo "Successfully purged!" | |
echo "::group::Raw response" | |
echo "${HTTP_BODY}" | |
echo "::endgroup::" | |
exit 0 | |
else | |
echo "Unsuccessful purge!" | |
echo "API response was:" | |
echo "${HTTP_BODY}" | |
exit 1 | |
fi | |
else | |
echo "Request failed. API response was ($HTTP_STATUS): " | |
echo "${HTTP_BODY}" | |
exit 1 | |
fi |