runtimeterror/.github/workflows/deploy-prod.yml

68 lines
2.1 KiB
YAML

name: Build and Deploy Prod
# only run on changes to main
on:
schedule:
- cron: 0 13 * * *
workflow_dispatch:
push:
branches:
- main
concurrency: # prevent concurrent deploys doing strange things
group: deploy-prod
cancel-in-progress: true
# Default to bash
defaults:
run:
shell: bash
jobs:
deploy:
name: Build and deploy Hugo site
runs-on: ubuntu-latest
steps:
- name: Hugo setup
uses: peaceiris/actions-hugo@v2.6.0
with:
hugo-version: '0.121.1'
extended: true
- name: Checkout
uses: actions/checkout@v4
with:
submodules: recursive
- name: Connect to Tailscale
uses: tailscale/github-action@v2
with:
oauth-client-id: ${{ secrets.TS_API_CLIENT_ID }}
oauth-secret: ${{ secrets.TS_API_CLIENT_SECRET }}
tags: ${{ secrets.TS_TAG }}
- name: Configure SSH known hosts
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SSH_KNOWN_HOSTS }}" > ~/.ssh/known_hosts
chmod 644 ~/.ssh/known_hosts
- name: Build with Hugo
run: HUGO_REMOTE_FONT_PATH=${{ secrets.REMOTE_FONT_PATH }} hugo --minify
- name: Highlight with Torchlight
run: |
npm i @torchlight-api/torchlight-cli
TORCHLIGHT_TOKEN=${{ secrets.TORCHLIGHT_TOKEN }} npx torchlight
- name: Deploy to Bunny
uses: ayeressian/bunnycdn-storage-deploy@v2.2.2
with:
source: public
destination: /
storageZoneName: "${{ secrets.BUNNY_STORAGE_NAME }}"
storagePassword: "${{ secrets.BUNNY_STORAGE_PASSWORD }}"
storageEndpoint: "${{ secrets.BUNNY_STORAGE_ENDPOINT }}"
accessKey: "${{ secrets.BUNNY_API_KEY }}"
pullZoneId: "${{ secrets.BUNNY_ZONE_ID }}"
upload: "true"
remove: "true"
purgePullZone: "true"
- name: Deploy GMI to Agate
run: |
rsync -avz --delete --exclude='*.html' --exclude='*.css' --exclude='*.js' -e ssh public/ deploy@${{ secrets.GMI_HOST }}:${{ secrets.GMI_CONTENT_PATH }}