Skip to content

Merge pull request #21 from joshbeard/dependabot/github_actions/actio… #224

Merge pull request #21 from joshbeard/dependabot/github_actions/actio…

Merge pull request #21 from joshbeard/dependabot/github_actions/actio… #224

Workflow file for this run

# NOTE: This depends on AWS resources deployed for the "joshbeard.me" website.
# Refer to https://github.com/joshbeard/joshbeard.me-tf-aws
name: Build
on:
push:
branches:
- master
jobs:
yamllint:
name: YAML Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4
- name: yaml-lint
uses: ibiqlik/action-yamllint@v3
with:
file_or_dir: resume.yaml
# NOTE: This spell checker only checks the changes *in a commit*. It won't
# scan the whole repo or even a whole file - just what's changed.
# See https://github.com/TypoCI/spellcheck-action
# Another option: https://github.com/check-spelling/check-spelling
spellcheck:
name: Spell Check
runs-on: ubuntu-latest
timeout-minutes: 4
if: "!contains(github.event.head_commit.message, '[ci skip]')"
steps:
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4
with:
ref: ${{ github.ref }}
- name: TypoCheck
uses: typoci/spellcheck-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
build:
name: Build Resume
runs-on: ubuntu-latest
needs: [spellcheck, yamllint]
steps:
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4
with:
ref: ${{ github.ref }}
- name: Generate resume documents from templates (html, md, gemini, txt, json)
run: |
pip install -r requirements.txt
make html md txt gmi json
- name: Add man page frontmatter
run: >
_DATE=$(date "+%B %Y")
echo "% JoshBeard(7) joshbeard.me\n% Josh Beard (josh@joshbeard.me)\n% ${_DATE}\n\n" | cat - README.md > README.man.md
- name: Generate man page
uses: docker://pandoc/latex
with:
args: >
--from markdown --to man
-s README.man.md -o dist/joshbeard-resume.7
- name: Generate Word Document
uses: docker://pandoc/latex
with:
args: >
--from markdown --to docx README.md
-f gfm
-o dist/Josh-Beard-Resume.docx
- name: Generate PDF Document
uses: browser-actions/setup-chrome@latest
- run: >
chrome
-headless
-disable-gpu
--no-sandbox
--print-to-pdf=dist/Josh-Beard-Resume.pdf
--print-to-pdf-no-header
dist/index.html
- name: ls
run: ls -l . dist/
- uses: actions/upload-artifact@master
name: Upload Resume Markdown
with:
name: readme
path: |
README.md
- uses: actions/upload-artifact@master
name: Upload Resume Artifacts
with:
name: src
path: |
dist/
minify:
runs-on: ubuntu-latest
container: thekevjames/minify:2.10.0
needs: build
steps:
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4
with:
ref: ${{ github.ref }}
- uses: actions/download-artifact@master
name: Download Resume Artifacts
with:
name: src
path: dist
- name: Minify
run: minify --recursive --output . .
- uses: actions/upload-artifact@master
name: Upload Resume Artifacts
with:
name: src
path: |
dist/
validate:
name: HTML Validation
runs-on: ubuntu-latest
needs:
- build
- minify
steps:
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4
with:
ref: ${{ github.ref }}
- uses: actions/download-artifact@master
name: Download Resume Artifacts
with:
name: src
path: _site
- name: HTML Validation
uses: Cyb3r-Jak3/html5validator-action@v7.2.0
with:
root: _site
add-markdown:
name: Commit and add Markdown Resume
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4
with:
ref: ${{ github.ref }}
- uses: actions/download-artifact@master
name: Download Resume Artifacts
with:
name: readme
path: .
- name: Debug
run: |
ls -l
git status
- name: Commit Markdown
uses: EndBug/add-and-commit@v9
with:
author_name: Josh Beard
author_email: josh@joshbeard.me
message: 'Generated Markdown Resume'
add: 'README.md'
local-deploy:
name: Deploy locally
runs-on: self-hosted
needs: validate
if: "!contains(github.event.head_commit.message, '[skip deploy]')"
steps:
- uses: actions/download-artifact@master
with:
name: src
- name: Deploy resume to Gemini server
id: deploy
uses: Pendect/action-rsyncer@v2.0.0
env:
DEPLOY_KEY: ${{secrets.DEPLOY_KEY}}
with:
flags: '-rv'
options: '--chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r'
ssh_options: ''
src: '.'
dest: '${{ secrets.DEPLOY_USER }}@${{ secrets.LOCAL_GEMINI_SERVER }}:${{ secrets.DEPLOY_PATH }}/'
- name: Display status from deploy
run: echo "${{ steps.deploy.outputs.status }}"
- name: Deploy resume to Gopher server
id: deploy_gopher
uses: Pendect/action-rsyncer@v2.0.0
env:
DEPLOY_KEY: ${{secrets.DEPLOY_KEY}}
with:
flags: '-rv'
options: '--chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r'
ssh_options: ''
src: 'resume-narrow.txt'
dest: '${{ secrets.DEPLOY_USER }}@${{ secrets.LOCAL_GEMINI_SERVER }}:${{ secrets.GOPHER_DEPLOY_PATH }}/resume.txt'
- name: Display status from deploy
run: echo "${{ steps.deploy_gopher.outputs.status }}"
deploy:
name: Deploy Resume Website
runs-on: ubuntu-latest
needs:
- build
- validate
if: "!contains(github.event.head_commit.message, '[skip deploy]')"
steps:
- uses: actions/download-artifact@master
with:
name: src
- name: Upload to S3
uses: jakejarvis/s3-sync-action@master
with:
args: --acl public-read --follow-symlinks --delete --cache-control max-age=604800
env:
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: 'us-west-2'
SOURCE_DIR: '.'
DEST_DIR: "resume"
- name: Set up aws-cli
uses: hsupu/setup-awscli@v1
- name: Set cache on S3 objects
run: |
ls
aws s3 cp s3://s3-website-joshbeard-me/resume/assets/ s3://s3-website-joshbeard-me/resume/assets/ --recursive --acl public-read --cache-control max-age=15552000
for f in index.html Josh-Beard-Resume.pdf Josh-Beard-Resume.docx resume.txt resume-narrow.txt resume.json; do
aws s3 cp s3://${{ secrets.AWS_S3_BUCKET }}/resume/${f} s3://${{ secrets.AWS_S3_BUCKET }}/resume/ --acl public-read --cache-control max-age=604800
done
env:
# https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: 'us-west-2'
- name: Invalidate CloudFront Cache
uses: chetan/invalidate-cloudfront-action@v2
env:
DISTRIBUTION: ${{ secrets.CF_DISTRIBUTION }}
PATHS: "/resume*"
AWS_REGION: "us-east-1"
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}