name: Gitea Actions Demo run-name: ${{ gitea.actor }} is testing out Gitea Actions! 🚀 on: push: branches: - main jobs: build-and-push: runs-on: ubuntu-latest steps: # Despite not being present in the QuickStart instructions, this step is necessary in order to install `node`, # which is itself required for `actions/checkout` # Cannot use `actions/setup-node` because that _itself_ requires `node` (it makes it available to user-code, # rather than to the system. Interesting discussion [here](https://gitea.com/gitea/act_runner/issues/538)) - name: Install node run: apt-get update && apt-get install -y nodejs - name: Check out repository code uses: actions/checkout@v4 - name: Block posts containing-tk run: | # This is necessary because, if `grep ...` doesn't find anything, it will _return_ (not print) a value of 1 # (non-zero return codes indicating errors in Unix - since there are many more ways for something to go wrong # than there are for it to go right!), and so the `files=` assignment will also return 1, and the whole operation # will be considered a failure. # # Since a non-zero value is truthy in Linux, we can use the OR operator (`||`) to only execute the second command # if the first one errors out. So, this line can be translated to English as: # "Set the variable `files` to a list of all the files that contain `TK` - unless there aren't any, in which case # set it to `FILES NOT FOUND" files=$(grep -rl 'TK' blog/content/posts || echo "FILES NOT FOUND") # We have to filter out (`grep -v`) the "marker" value of `FILES NOT FOUND`, otherwise the no-matches case would # be recorded as having 1 matching file, leading to an error-out below. # (I guess _technically_ there's an edge case in that, if I ever make a blog post titled "FILES NOT FOUND" _which also_ # contains the string `TK`, it would slip through this check. But that feels pretty unlikely - not least because spaces # are very rare in my filesystem names - so I'm ok taking that risk) count=$(wc -l <(echo "$files" | grep -v "FILES NOT FOUND") | awk '{print $1}') if [[ "$count" -gt "0" ]]; then echo "Found TK in $count files:" echo $files exit 1 # TODO - and alerting via Matrix! fi - name: Build blog # We need the `extended` version of Hugo to support CSS transpilation via `libsass`. CBA to migrate to the new # `dartcss` tool. run: | wget https://github.com/gohugoio/hugo/releases/download/v0.139.0/hugo_extended_0.139.0_linux-amd64.deb sudo dpkg -i hugo_extended_0.139.0_linux-amd64.deb apt-get update && apt-get install -y git git submodule init git submodule update --recursive hugo --source blog - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to Docker Registry uses: docker/login-action@v3 with: registry: gitea.scubbo.org username: scubbo password: ${{ secrets.PAT_FOR_GITEA_ACCESS }} - name: Build and push uses: docker/build-push-action@v5 with: context: . push: true platforms: linux/amd64,linux/arm64 tags: | gitea.scubbo.org/scubbo/blogcontent:latest gitea.scubbo.org/scubbo/blogcontent:${{ gitea.sha }} update-deployment-repo: runs-on: ubuntu-latest needs: - build-and-push steps: - name: Check out deployment repo uses: actions/checkout@v4 with: repository: scubbo/blog-deployment token: ${{ secrets.PAT_FOR_GITEA_ACCESS }} # Seems insecure - and it is! - but this is literally recommended by the Kustomize docs - name: Install kustomize run: curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash - name: Update deployment run: | ./kustomize edit set image image_name=*:${{ gitea.sha }} - name: Commit and push run: | git config --global user.email "auto-updater@scubbo.org" git config --global user.name "UpdaterBot" git add --all -- ':!kustomize' git commit -m "Update blog content to ${{ gitea.sha}}" git push