From 4cd6c2cb346be5ee5799542da8f1211212832860 Mon Sep 17 00:00:00 2001 From: Julian Schacher Date: Sun, 11 May 2025 02:18:22 +0200 Subject: [PATCH] introduce Forgejo Actions CI for deploying website and staging envs uses cryptoparty.hamburg.ccc.de for now and deploys this PR as the main site --- .forgejo/workflows/cleanup.yaml | 23 +++++++++ .forgejo/workflows/deploy.yaml | 84 +++++++++++++++++++++++++++++++++ .gitlab-ci.yml | 32 ------------- 3 files changed, 107 insertions(+), 32 deletions(-) create mode 100644 .forgejo/workflows/cleanup.yaml create mode 100644 .forgejo/workflows/deploy.yaml delete mode 100644 .gitlab-ci.yml diff --git a/.forgejo/workflows/cleanup.yaml b/.forgejo/workflows/cleanup.yaml new file mode 100644 index 0000000..bb233c6 --- /dev/null +++ b/.forgejo/workflows/cleanup.yaml @@ -0,0 +1,23 @@ +on: + pull_request: + types: + - closed + +jobs: + cleanup-staging: + runs-on: docker + container: + image: code.forgejo.org/oci/node:20-bookworm + steps: + - name: Pipeline info PR + run: | + echo "Run triggered by ${{ github.event_name }} (${{ github.event.action }}) on ref ${{ github.ref_name }}" + + - name: Staging Deployment - Prepare keys + run: | + echo "${{ secrets.SSH_DEPLOY_KEY }}" > deploykey.priv + chmod 400 deploykey.priv + echo "${{ secrets.SSH_KNOWN_HOSTS_FILE }}" > ./known_hosts + - name: Staging Deployment - Remove PR from staging + run: | + ssh -i deploykey.priv -o 'UserKnownHostsFile ./known_hosts' cryptoparty-website-deploy@public-web-static-intern.hamburg.ccc.de -t "rm -r /var/www/staging.cryptoparty-hamburg.de/pr${{ github.event.pull_request.number }}/" diff --git a/.forgejo/workflows/deploy.yaml b/.forgejo/workflows/deploy.yaml new file mode 100644 index 0000000..ef195ab --- /dev/null +++ b/.forgejo/workflows/deploy.yaml @@ -0,0 +1,84 @@ +on: + push: + branches: + - main + pull_request: + +env: + TZ: Europe/Berlin + +jobs: + build: + runs-on: docker + container: + image: docker.io/hugomods/hugo:0.138.0 + steps: + - name: Pipeline info + run: | + echo "Run triggered by ${{ github.event_name }} (${{ github.event.action }}) on ref ${{ github.ref_name }}" + + - name: Install packages + run: | + apk update + # For CI actions. + apk add nodejs-current + # For website build. + apk add tzdata coreutils curl jq git + # For uploading. + apk add rsync openssh + + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # pull full history for page lastmod by git commit date + submodules: recursive + + - name: Patch baseURL (for now) + run: | + sed -i 's#baseurl = "https://cryptoparty-hamburg.de"#baseurl = "https://cryptoparty.hamburg.ccc.de"#' config.toml + + - name: Patch baseURL (staging only) + if: github.ref_name != 'master' + run: | + sed -i 's#baseurl = "https://cryptoparty.hamburg.ccc.de.de"#baseurl = "https://staging.cryptoparty.hamburg.ccc.de/pr${{ github.event.pull_request.number }}/"#' config.toml + + - name: Build website (prod) + # if: (github.event_name == 'push' || github.event_name == 'schedule') && github.ref_name == 'master' + run: | + hugo + # - name: Build website (staging) + # if: github.ref_name != 'master' + # run: | + # hugo --buildFuture --buildDrafts + + - name: Deploy - Prepare keys + if: github.event_name == 'push' || github.event_name == 'pull_request' || github.event_name == 'schedule' + run: | + echo "${{ secrets.SSH_DEPLOY_KEY }}" > deploykey.priv + chmod 400 deploykey.priv + echo "${{ secrets.SSH_KNOWN_HOSTS_FILE }}" > ./known_hosts + + # - name: Deploy - Upload PR to staging + # if: github.event_name == 'pull_request' + # run: | + # echo "Deploying to staging.cryptoparty.hamburg.ccc.de/pr${{ github.event.pull_request.number }}" + # rsync -v -r --delete -e "ssh -i deploykey.priv -o 'UserKnownHostsFile ./known_hosts'" public/ cryptoparty-website-deploy@public-web-static-intern.hamburg.ccc.de:/var/www/staging.cryptoparty-hamburg.de/pr${{ github.event.pull_request.number }}/ + # - name: Deploy - Add comment to PR with staging URL + # if: github.event_name == 'pull_request' && github.event.action == 'opened' + # run: | + # curl \ + # -X POST \ + # ${{ github.event.pull_request.base.repo.url }}/issues/${{ github.event.pull_request.number }}/comments \ + # -H "Content-Type: application/json" \ + # -H "Authorization: token $GITHUB_TOKEN" \ + # --data '{ "body": "You can view your changes at https://staging.cryptoparty.hamburg.ccc.de/pr${{ github.event.pull_request.number }}/" }' + + - name: Deploy - Upload to prod + # if: (github.event_name == 'push' || github.event_name == 'schedule') && github.ref_name == 'main' + run: | + rsync -v -r --delete -e "ssh -i deploykey.priv -o 'UserKnownHostsFile ./known_hosts'" public/ cryptoparty-website-deploy@public-web-static-intern.hamburg.ccc.de:/var/www/cryptoparty-hamburg.de/ + + - uses: actions/upload-artifact@v4 + if: github.event_name == 'pull_request' + with: + name: website-build + path: public/ diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml deleted file mode 100644 index d7034de..0000000 --- a/.gitlab-ci.yml +++ /dev/null @@ -1,32 +0,0 @@ -image: debian:buster-slim -before_script: - - apt update -qq - -stages: - - build - - deploy - -build_job: - stage: build - script: - - DEBIAN_FRONTEND=noninteractive apt install --no-install-recommends -y -qq -o=Dpkg::Use-Pty=0 make hugo - - make - artifacts: - paths: - - public - variables: - GIT_SUBMODULE_STRATEGY: normal - -deploy_job: - stage: deploy - script: - - DEBIAN_FRONTEND=noninteractive apt install --no-install-recommends -y -qq -o=Dpkg::Use-Pty=0 openssh-client rsync - - umask 0077 - - mkdir $HOME/.ssh - - eval $(ssh-agent -s) - - echo "$RSYNC_TARGET_SECRET_KEY" | ssh-add - - - echo "[$RSYNC_TARGET_HOST]:$RSYNC_TARGET_PORT $RSYNC_TARGET_HOST_KEY" > $HOME/.ssh/known_hosts - - rsync -av --delete -e "ssh -p $RSYNC_TARGET_PORT" public/* "$RSYNC_TARGET_USER@$RSYNC_TARGET_HOST:/" - only: - - master - - hugo