Merge pull request #29 from joshbeard/dependabot/pip/jinja2-3.1.5 #233
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# NOTE: This depends on AWS resources deployed for the "joshbeard.me" website. | |
# Refer to https://github.com/joshbeard/joshbeard.me-tf-aws | |
name: Build | |
on: | |
push: | |
branches: | |
- master | |
jobs: | |
yamllint: | |
name: YAML Lint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
- name: yaml-lint | |
uses: ibiqlik/action-yamllint@v3 | |
with: | |
file_or_dir: resume.yaml | |
# NOTE: This spell checker only checks the changes *in a commit*. It won't | |
# scan the whole repo or even a whole file - just what's changed. | |
# See https://github.com/TypoCI/spellcheck-action | |
# Another option: https://github.com/check-spelling/check-spelling | |
spellcheck: | |
name: Spell Check | |
runs-on: ubuntu-latest | |
timeout-minutes: 4 | |
if: "!contains(github.event.head_commit.message, '[ci skip]')" | |
steps: | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
with: | |
ref: ${{ github.ref }} | |
- name: TypoCheck | |
uses: typoci/spellcheck-action@master | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
build: | |
name: Build Resume | |
runs-on: ubuntu-latest | |
needs: [spellcheck, yamllint] | |
steps: | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
with: | |
ref: ${{ github.ref }} | |
- name: Generate resume documents from templates (html, md, gemini, txt, json) | |
run: | | |
pip install -r requirements.txt | |
make html md txt gmi json | |
- name: Add man page frontmatter | |
run: > | |
_DATE=$(date "+%B %Y") | |
echo "% JoshBeard(7) joshbeard.me\n% Josh Beard ([email protected])\n% ${_DATE}\n\n" | cat - README.md > README.man.md | |
- name: Generate man page | |
uses: docker://pandoc/latex | |
with: | |
args: > | |
--from markdown --to man | |
-s README.man.md -o dist/joshbeard-resume.7 | |
- name: Generate Word Document | |
uses: docker://pandoc/latex | |
with: | |
args: > | |
--from markdown --to docx README.md | |
-f gfm | |
-o dist/Josh-Beard-Resume.docx | |
- name: Generate PDF Document | |
uses: browser-actions/setup-chrome@latest | |
- run: > | |
chrome | |
-headless | |
-disable-gpu | |
--no-sandbox | |
--print-to-pdf=dist/Josh-Beard-Resume.pdf | |
--print-to-pdf-no-header | |
dist/index.html | |
- name: ls | |
run: ls -l . dist/ | |
- uses: actions/upload-artifact@master | |
name: Upload Resume Markdown | |
with: | |
name: readme | |
path: | | |
README.md | |
- uses: actions/upload-artifact@master | |
name: Upload Resume Artifacts | |
with: | |
name: artifacts | |
path: | | |
dist/ | |
minify: | |
runs-on: ubuntu-latest | |
container: thekevjames/minify:2.10.0 | |
needs: build | |
steps: | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
with: | |
ref: ${{ github.ref }} | |
- uses: actions/download-artifact@master | |
name: Download Resume Artifacts | |
with: | |
name: artifacts | |
path: dist | |
- name: Minify | |
run: minify --recursive --output . . | |
- uses: actions/upload-artifact@master | |
name: Upload Resume Artifacts | |
with: | |
name: src | |
path: | | |
dist/ | |
validate: | |
name: HTML Validation | |
runs-on: ubuntu-latest | |
needs: | |
- build | |
- minify | |
steps: | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
with: | |
ref: ${{ github.ref }} | |
- uses: actions/download-artifact@master | |
name: Download Resume Artifacts | |
with: | |
name: src | |
path: _site | |
- name: HTML Validation | |
uses: Cyb3r-Jak3/[email protected] | |
with: | |
root: _site | |
add-markdown: | |
name: Commit and add Markdown Resume | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
with: | |
ref: ${{ github.ref }} | |
- uses: actions/download-artifact@master | |
name: Download Resume Artifacts | |
with: | |
name: readme | |
path: . | |
- name: Debug | |
run: | | |
ls -l | |
git status | |
- name: Commit Markdown | |
uses: EndBug/add-and-commit@v9 | |
with: | |
author_name: Josh Beard | |
author_email: [email protected] | |
message: 'Generated Markdown Resume' | |
add: 'README.md' | |
local-deploy: | |
name: Deploy locally | |
runs-on: self-hosted | |
needs: validate | |
if: "!contains(github.event.head_commit.message, '[skip deploy]')" | |
steps: | |
- uses: actions/download-artifact@master | |
with: | |
name: src | |
- name: Deploy resume to Gemini server | |
id: deploy | |
uses: Pendect/[email protected] | |
env: | |
DEPLOY_KEY: ${{secrets.DEPLOY_KEY}} | |
with: | |
flags: '-rv' | |
options: '--chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r' | |
ssh_options: '' | |
src: '.' | |
dest: '${{ secrets.DEPLOY_USER }}@${{ secrets.LOCAL_GEMINI_SERVER }}:${{ secrets.DEPLOY_PATH }}/' | |
- name: Display status from deploy | |
run: echo "${{ steps.deploy.outputs.status }}" | |
- name: Deploy resume to Gopher server | |
id: deploy_gopher | |
uses: Pendect/[email protected] | |
env: | |
DEPLOY_KEY: ${{secrets.DEPLOY_KEY}} | |
with: | |
flags: '-rv' | |
options: '--chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r' | |
ssh_options: '' | |
src: 'resume-narrow.txt' | |
dest: '${{ secrets.DEPLOY_USER }}@${{ secrets.LOCAL_GEMINI_SERVER }}:${{ secrets.GOPHER_DEPLOY_PATH }}/resume.txt' | |
- name: Display status from deploy | |
run: echo "${{ steps.deploy_gopher.outputs.status }}" | |
deploy: | |
name: Deploy Resume Website | |
runs-on: ubuntu-latest | |
needs: | |
- build | |
- validate | |
if: "!contains(github.event.head_commit.message, '[skip deploy]')" | |
steps: | |
- uses: actions/download-artifact@master | |
with: | |
name: src | |
- name: Upload to S3 | |
uses: jakejarvis/s3-sync-action@master | |
with: | |
args: --acl public-read --follow-symlinks --delete --cache-control max-age=604800 | |
env: | |
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_REGION: 'us-west-2' | |
SOURCE_DIR: '.' | |
DEST_DIR: "resume" | |
- name: Set up aws-cli | |
uses: hsupu/setup-awscli@v1 | |
- name: Set cache on S3 objects | |
run: | | |
ls | |
aws s3 cp s3://s3-website-joshbeard-me/resume/assets/ s3://s3-website-joshbeard-me/resume/assets/ --recursive --acl public-read --cache-control max-age=15552000 | |
for f in index.html Josh-Beard-Resume.pdf Josh-Beard-Resume.docx resume.txt resume-narrow.txt resume.json; do | |
aws s3 cp s3://${{ secrets.AWS_S3_BUCKET }}/resume/${f} s3://${{ secrets.AWS_S3_BUCKET }}/resume/ --acl public-read --cache-control max-age=604800 | |
done | |
env: | |
# https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: 'us-west-2' | |
- name: Invalidate CloudFront Cache | |
uses: chetan/invalidate-cloudfront-action@v2 | |
env: | |
DISTRIBUTION: ${{ secrets.CF_DISTRIBUTION }} | |
PATHS: "/resume*" | |
AWS_REGION: "us-east-1" | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |