mirror of
https://mau.dev/andreijiroh-dev/website.git
synced 2024-11-24 09:23:48 +00:00
ci(gitlab-ci): update deploy scripts and add .env.ci managed by dotenvx
Signed-off-by: Andrei Jiroh Halili <ajhalili2006@andreijiroh.xyz>
This commit is contained in:
parent
e954a7fa74
commit
cc340223f9
4 changed files with 45 additions and 26 deletions
11
.env.ci
Normal file
11
.env.ci
Normal file
|
@ -0,0 +1,11 @@
|
|||
#/-------------------[DOTENV_PUBLIC_KEY]--------------------/
|
||||
#/ public-key encryption for .env files /
|
||||
#/ [how it works](https://dotenvx.com/encryption) /
|
||||
#/----------------------------------------------------------/
|
||||
DOTENV_PUBLIC_KEY_CI="0229743ae8682e55160d2176b2d17e5fc9e7ce7779fda3597fb8f4701c61615381"
|
||||
DOTENVX=1
|
||||
|
||||
# .env.ci
|
||||
SOURCEHUT_PAGES_TOKEN="encrypted:BNHzZMqMJw9wodfYI5x4kWO1OwYjUWHOwoqTYX10K5Z1jaaE4HuiG5g9KhoSo0vl/fN120WW+uVcP+uwHRJdPADLecM8SjmxOwF1LDDqiDYXnpUS3KqOdVcOtvV3xHYITVd0q9ds2SFue/1HOnzToCD7fC3PoAV+FmYGKF+NFK+c01ws7yI7TGJ7tGOIDTq9jdUbtZ/Mo2o5xx/85zbjmGHGRlIOHlM5pmg1CBhOfRvZdla9Ay/gkJ6Yrm5h0+ULZZUTt4lyKWYYwvVWTeaOngOOmAOps18BvvwSsHoN4QK5IrvVZEbhLqOAZdMcLYlKWViFA559IKx1vky3ddSS6S+lOIn9kGFAwNSu41jH+SFMFtK0QH64"
|
||||
CLOUDFLARE_ACCOUNT_ID="encrypted:BB7kta9zZf3Y02HZtxI2/o6vTCvTWYJhOBI4ajDgimbqS1dsdc+Zf6Qcch+gg8LM8UTDDu/8p2K511oyEOa3Xqo/IoX+7NvKu9qZlb2Y38Y44SuP7hSGVcRpfZ5PuzCtFBHAez1OtpWAcdGOmBU8l6bZro3AsBXvpLfLPD/ocspf"
|
||||
CLOUDFLARE_API_TOKEN="encrypted:BHr81tc2ka99Yd2+rkxhGjqBlYthCUpVWIrJVLNdqKzC8skKWeY+okX7LlEnrYuN8hdAC5HP2tj4e5KHnaPq2ShTfKN5VSAxhZDNQKEmsOiVrh11nuGw4Bc94/0mwJHMvyqVFsWmfir2mQkY6llw4bu/NNPk12BRfXKSRIwyc28qGMxwnoYPbvI="
|
|
@ -15,6 +15,7 @@ default:
|
|||
- pipenv install --ignore-pipfile --deploy
|
||||
- npm ci
|
||||
- curl --silent "https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/download-secure-files/-/raw/main/installer" | bash
|
||||
- ssh-agent > /tmp/.ssh-agent.env
|
||||
|
||||
# Global builds and stuff
|
||||
variables:
|
||||
|
@ -23,11 +24,15 @@ variables:
|
|||
FF_GENERATE_SOCIAL_CARDS: "true"
|
||||
SECURE_FILES_DOWNLOAD_PATH: .secretskit
|
||||
GIT_DEPTH: "0"
|
||||
DOTENV_PRIVATE_KEY: $DOTENV_PRIVATE_KEY_CI
|
||||
|
||||
pages:
|
||||
stage: build
|
||||
script:
|
||||
- doppler run -- ./bin/deploykit-pages.sh
|
||||
- |
|
||||
source /tmp/.ssh-agent.env
|
||||
./bin/build.sh
|
||||
./bin/deploy.sh
|
||||
artifacts:
|
||||
paths:
|
||||
# The folder that contains the files to be exposed at the Page URL
|
||||
|
|
29
bin/build.sh
29
bin/build.sh
|
@ -1,28 +1,7 @@
|
|||
#!/usr/bin/env bash
|
||||
set -xe
|
||||
set -e
|
||||
|
||||
TARGET_DIR=${TARGET_DIR:-"$PWD/public"}
|
||||
FF_OFFLINE_MKDOCS_PLUGIN=${FF_OFFLINE_MKDOCS_PLUGIN:-"false"}
|
||||
FF_ENABLE_COMMIT_DATA=${FF_ENABLE_COMMIT_DATA:-"true"}
|
||||
FF_GENERATE_SOCIAL_CARDS=${FF_GENERATE_SOCIAL_CARDS:-"true"}
|
||||
TARGET_BUILD_CONFIG=${1:-"mkdocs.yml"}
|
||||
|
||||
if [[ ! -d "$TARGET_DIR" ]]; then
|
||||
mkdir "$TARGET_DIR" -pv
|
||||
fi
|
||||
|
||||
if [[ $SKIP_VENV_SETUP == "" ]] || [[ $CI == "" ]]; then
|
||||
pipenv install --ignore-pipfile --deploy --verbose
|
||||
pipenv run mkdocs build -d "$TARGET_DIR" -f ${TARGET_BUILD_CONFIG}
|
||||
else
|
||||
pip3 install -r requirements.txt --upgrade --user
|
||||
mkdocs build -d "$TARGET_DIR" -f ${TARGET_BUILD_CONFIG}
|
||||
fi
|
||||
|
||||
mkdir "$TARGET_DIR/api"
|
||||
git rev-parse HEAD > "$TARGET_DIR/api/commit"
|
||||
TARGET_DIR="${PWD}/public"
|
||||
pipenv run build
|
||||
cp "$TARGET_DIR/assets/images/favicon.png" "$TARGET_DIR/favicon.ico"
|
||||
cp markdown/.well-known "$TARGET_DIR/.well-known" -rv
|
||||
cp markdown/humans.txt "$TARGET_DIR/humans.txt" -v
|
||||
|
||||
set +xe
|
||||
cp markdown/.well-known markdown/humans.txt "$TARGET_DIR/" -rv
|
||||
|
|
24
bin/deploy.sh
Executable file
24
bin/deploy.sh
Executable file
|
@ -0,0 +1,24 @@
|
|||
#!/usr/bin/env bash
|
||||
set -ea
|
||||
if [[ $DEBUG != "" ]]; then
|
||||
set -x
|
||||
fi
|
||||
|
||||
_root_directory_git=$(git rev-parse --show-toplevel)
|
||||
|
||||
warn() {
|
||||
echo "warning: $*"
|
||||
}
|
||||
|
||||
error() {
|
||||
echo "error: $*"
|
||||
}
|
||||
|
||||
info() {
|
||||
echo "info: $*"
|
||||
}
|
||||
|
||||
if [[ $CI == "true" ]] && [[ $CI_PIPELINE_SOURCE == "push" || $CI_PIPELINE_SOURCE == "web" ]]
|
||||
&& [[ $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH ]]; then
|
||||
npx wrangler pages publish ${_root_directory_git}/public --project-name ${CF_PAGES_PROJECT_NAME} --branch main
|
||||
fi
|
Loading…
Reference in a new issue