From f28fd40a781274106aff7499f0f7c75cc802dba7 Mon Sep 17 00:00:00 2001 From: brecert Date: Mon, 13 Sep 2021 23:54:39 -0400 Subject: [PATCH 01/15] Add support for external repositories with pull request previews --- .github/actions/build/action.yml | 34 ++++++++++++++++++++++ .github/workflows/preview_cleanup.yml | 4 +-- .github/workflows/preview_pull_request.yml | 31 +++++++++++--------- 3 files changed, 53 insertions(+), 16 deletions(-) create mode 100644 .github/actions/build/action.yml diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml new file mode 100644 index 00000000..2993627d --- /dev/null +++ b/.github/actions/build/action.yml @@ -0,0 +1,34 @@ +name: Build +description: Builds a project instance, assuming all the correct project files are in the build folder + +inputs: + base: + name: Base path + description: The path to use as a base for linking + required: true + default: / + folder: + name: Build Folder + description: The folder to try to build from + required: true + default: . + +runs: + using: composite + steps: + - name: Setup Node + uses: actions/setup-node@v2 + with: + node-version: 15 + cache: "yarn" + + - run: yarn install + # - run: yarn check + + - name: build + env: + BUILD_FOLDER: ${{ inputs.folder }} + BASE: ${{ inputs.base }} + run: | + cd "$BUILD_FOLDER" + yarn build --base "$BASE" diff --git a/.github/workflows/preview_cleanup.yml b/.github/workflows/preview_cleanup.yml index b7aa1d9a..9eb68100 100644 --- a/.github/workflows/preview_cleanup.yml +++ b/.github/workflows/preview_cleanup.yml @@ -1,8 +1,8 @@ name: Clean Preview #! Safety: -#! this workflow should not execute any code at all -#! see githubs docs on pull_request_target for more +#! this workflow should not execute any untrusted input at all +#! see the docs on `pull_request_target` for more on: pull_request_target: types: [unlabeled] diff --git a/.github/workflows/preview_pull_request.yml b/.github/workflows/preview_pull_request.yml index 6a0a239a..62512ddc 100644 --- a/.github/workflows/preview_pull_request.yml +++ b/.github/workflows/preview_pull_request.yml @@ -1,40 +1,43 @@ name: Preview Pull Request +#! Safety: +#! this workflow should not execute any untrusted input at all +#! see the docs on `pull_request_target` for more on: - pull_request: + pull_request_target: types: [synchronize, reopened, labeled] jobs: - build: + preview: runs-on: ubuntu-latest # make sure the pull request is labeled with 'use-preview' if: github.event.label.name == 'use-preview' || contains(github.event.pull_request.labels.*.name, 'use-preview') + env: + BASE: refs/pull/${{ github.event.pull_request.number }}/merge + REPO: ${{ github.event.repository.name }} steps: + - uses: actions/checkout@v2 + - uses: actions/checkout@v2 with: # Head commit of the pull request ref: ${{ github.event.pull_request.head.sha }} + path: pull submodules: recursive - - name: Setup Node - uses: actions/setup-node@v2 - with: - node-version: 15 - cache: "yarn" - - - run: yarn install - # - run: yarn check - - name: build - run: yarn build --base "/revite/${{ github.ref }}/" + uses: ./.github/actions/build_preview + with: + base: /${{ env.REPO }}/${{ env.BASE }}/ + folder: pull - name: publish preview uses: JamesIves/github-pages-deploy-action@4.1.5 with: folder: dist branch: build-previews - target-folder: ${{ github.ref }} + target-folder: ${{ env.BASE }} single-commit: true - name: send comment @@ -43,6 +46,6 @@ jobs: header: Preview environment message: | ## Preview environment - https://${{ github.repository_owner }}.github.io/revite/${{ github.ref }}/ + https://${{ github.repository_owner }}.github.io/${{ env.REPO }}/${{ env.BASE }}/ This link will remain active until the `use-preview` label is removed. From 12547ba0fef4783189db0d3b5de23220ad45797d Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 00:03:58 -0400 Subject: [PATCH 02/15] Improve preview cleanup interpolation --- .github/workflows/preview_cleanup.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/preview_cleanup.yml b/.github/workflows/preview_cleanup.yml index 9eb68100..93c4e1aa 100644 --- a/.github/workflows/preview_cleanup.yml +++ b/.github/workflows/preview_cleanup.yml @@ -11,6 +11,8 @@ jobs: clean: runs-on: ubuntu-latest if: github.event.label.name == 'use-preview' + env: + BASE: refs/pull/${{ github.event.pull_request.number }} steps: - uses: actions/checkout@v2 @@ -19,7 +21,7 @@ jobs: persist-credentials: false - name: clean previews - run: 'rm -rf "./refs/pull/${{ github.event.pull_request.number }}"' + run: rm -rf "$BASE" - name: publish cleaned previews uses: JamesIves/github-pages-deploy-action@4.1.5 From 951a773b2cfd4425ad8b13bd9a1526870838acf6 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 00:22:16 -0400 Subject: [PATCH 03/15] Change mirror to only run if a key is set --- .github/workflows/mirroring.yml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/.github/workflows/mirroring.yml b/.github/workflows/mirroring.yml index 096a64f9..3f1d27fa 100644 --- a/.github/workflows/mirroring.yml +++ b/.github/workflows/mirroring.yml @@ -3,13 +3,12 @@ name: Mirroring on: [push, delete] jobs: - to_gitlab: - runs-on: ubuntu-18.04 - steps: - - uses: actions/checkout@v1 - - uses: pixta-dev/repository-mirroring-action@v1 - with: - target_repo_url: - git@gitlab.com:insert/revolt-vite.git - ssh_private_key: - ${{ secrets.GITLAB_SSH_PRIVATE_KEY }} + to_gitlab: + runs-on: ubuntu-18.04 + if: ${{ secrets.GITLAB_SSH_PRIVATE_KEY }} + steps: + - uses: actions/checkout@v1 + - uses: pixta-dev/repository-mirroring-action@v1 + with: + target_repo_url: git@gitlab.com:insert/revolt-vite.git + ssh_private_key: ${{ secrets.GITLAB_SSH_PRIVATE_KEY }} From cdf900d08bc7e889f695a9c6f0cb7b65b2cc8472 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 00:26:18 -0400 Subject: [PATCH 04/15] Change docker workflow to exclude preview workflows - changed the docker workflow to exclude preview workflows from causing the docker workflow to run again --- .github/workflows/docker.yml | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 424f4a8c..5e70a239 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -9,6 +9,7 @@ on: paths-ignore: - ".github/**" - "!.github/workflows/docker.yml" + - "!.github/workflows/preview_*.yml" - ".vscode/**" - ".gitignore" - ".gitlab-ci.yml" @@ -23,8 +24,8 @@ jobs: test: runs-on: ubuntu-latest strategy: - matrix: - architecture: [linux/amd64] + matrix: + architecture: [linux/amd64] steps: - name: Checkout uses: actions/checkout@v2 @@ -37,8 +38,8 @@ jobs: - name: Cache Docker layers uses: actions/cache@v2 with: - path: /tmp/.buildx-cache/${{ matrix.architecture }} - key: ${{ runner.os }}-buildx-${{ matrix.architecture }}-${{ github.sha }} + path: /tmp/.buildx-cache/${{ matrix.architecture }} + key: ${{ runner.os }}-buildx-${{ matrix.architecture }}-${{ github.sha }} - name: Build uses: docker/build-push-action@v2 with: @@ -48,8 +49,8 @@ jobs: cache-to: type=local,dest=/tmp/.buildx-cache-new/${{ matrix.architecture }},mode=max - name: Move cache run: | - rm -rf /tmp/.buildx-cache/${{ matrix.architecture }} - mv /tmp/.buildx-cache-new/${{ matrix.architecture }} /tmp/.buildx-cache/${{ matrix.architecture }} + rm -rf /tmp/.buildx-cache/${{ matrix.architecture }} + mv /tmp/.buildx-cache-new/${{ matrix.architecture }} /tmp/.buildx-cache/${{ matrix.architecture }} publish: needs: [test] @@ -67,8 +68,8 @@ jobs: - name: Cache amd64 Docker layers uses: actions/cache@v2 with: - path: /tmp/.buildx-cache/linux/amd64 - key: ${{ runner.os }}-buildx-linux/amd64-${{ github.sha }} + path: /tmp/.buildx-cache/linux/amd64 + key: ${{ runner.os }}-buildx-linux/amd64-${{ github.sha }} - name: Docker meta id: meta uses: docker/metadata-action@v3 @@ -97,5 +98,5 @@ jobs: cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - name: Move cache run: | - rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache From 628bf52ff3a6a2b438c70aa97810157350a92c76 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 00:27:30 -0400 Subject: [PATCH 05/15] Use ignored paths for `pull_request` events as well --- .github/workflows/docker.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 5e70a239..8d3ece01 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -18,6 +18,15 @@ on: pull_request: branches: - "master" + paths-ignore: + - ".github/**" + - "!.github/workflows/docker.yml" + - "!.github/workflows/preview_*.yml" + - ".vscode/**" + - ".gitignore" + - ".gitlab-ci.yml" + - "LICENSE" + - "README" workflow_dispatch: jobs: From f584819a1665ed2c58d8601cede6b75bb576bd65 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 00:44:46 -0400 Subject: [PATCH 06/15] Fix secret not needing to be interpolated --- .github/workflows/mirroring.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/mirroring.yml b/.github/workflows/mirroring.yml index 3f1d27fa..8968a04f 100644 --- a/.github/workflows/mirroring.yml +++ b/.github/workflows/mirroring.yml @@ -5,7 +5,7 @@ on: [push, delete] jobs: to_gitlab: runs-on: ubuntu-18.04 - if: ${{ secrets.GITLAB_SSH_PRIVATE_KEY }} + if: secrets.GITLAB_SSH_PRIVATE_KEY steps: - uses: actions/checkout@v1 - uses: pixta-dev/repository-mirroring-action@v1 From f5546878783f1233ed57247c318afdee9893bb7c Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 00:51:27 -0400 Subject: [PATCH 07/15] Fix `build` being `build_preview` --- .github/workflows/preview_pull_request.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/preview_pull_request.yml b/.github/workflows/preview_pull_request.yml index 62512ddc..5d219f38 100644 --- a/.github/workflows/preview_pull_request.yml +++ b/.github/workflows/preview_pull_request.yml @@ -27,7 +27,7 @@ jobs: submodules: recursive - name: build - uses: ./.github/actions/build_preview + uses: ./.github/actions/build with: base: /${{ env.REPO }}/${{ env.BASE }}/ folder: pull From aaac3157360f02de9a1f674e010ba825568af668 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 01:10:57 -0400 Subject: [PATCH 08/15] Fix shell not being included for build action --- .github/actions/build/action.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 2993627d..8212824b 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -13,6 +13,10 @@ inputs: required: true default: . +env: + BUILD_FOLDER: ${{ inputs.folder }} + BASE: ${{ inputs.base }} + runs: using: composite steps: @@ -22,13 +26,12 @@ runs: node-version: 15 cache: "yarn" - - run: yarn install - # - run: yarn check + - name: install dependencies + shell: bash -l {0} + run: yarn install - name: build - env: - BUILD_FOLDER: ${{ inputs.folder }} - BASE: ${{ inputs.base }} + shell: bash -l {0} run: | cd "$BUILD_FOLDER" yarn build --base "$BASE" From 785badae6e978d1aea140fb8693596acf6ae6abc Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 01:16:31 -0400 Subject: [PATCH 09/15] Fix env location --- .github/actions/build/action.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 8212824b..92cb62be 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -13,10 +13,6 @@ inputs: required: true default: . -env: - BUILD_FOLDER: ${{ inputs.folder }} - BASE: ${{ inputs.base }} - runs: using: composite steps: @@ -31,6 +27,9 @@ runs: run: yarn install - name: build + env: + BUILD_FOLDER: ${{ inputs.folder }} + BASE: ${{ inputs.base }} shell: bash -l {0} run: | cd "$BUILD_FOLDER" From 450789fafef7dc5124860128e4e6901fceb8964c Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 01:30:52 -0400 Subject: [PATCH 10/15] Merge install and build together --- .github/actions/build/action.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 92cb62be..b86ee3aa 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -22,15 +22,11 @@ runs: node-version: 15 cache: "yarn" - - name: install dependencies + - name: Install Dependencies and Build shell: bash -l {0} - run: yarn install - - - name: build env: BUILD_FOLDER: ${{ inputs.folder }} BASE: ${{ inputs.base }} - shell: bash -l {0} run: | - cd "$BUILD_FOLDER" + yarn install yarn build --base "$BASE" From 44b1e2a0793d9541425ffb5450664a384eceea75 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 01:37:37 -0400 Subject: [PATCH 11/15] Fix not `cd`ing into the folder --- .github/actions/build/action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index b86ee3aa..ff62e3f7 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -28,5 +28,6 @@ runs: BUILD_FOLDER: ${{ inputs.folder }} BASE: ${{ inputs.base }} run: | + cd "$BUILD_FOLDER" yarn install yarn build --base "$BASE" From ba2d0dd6d12db9a9cbbc2882fd152076e8921042 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 01:48:28 -0400 Subject: [PATCH 12/15] Fix wrong folder --- .github/workflows/preview_pull_request.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/preview_pull_request.yml b/.github/workflows/preview_pull_request.yml index 5d219f38..bde8f617 100644 --- a/.github/workflows/preview_pull_request.yml +++ b/.github/workflows/preview_pull_request.yml @@ -35,7 +35,7 @@ jobs: - name: publish preview uses: JamesIves/github-pages-deploy-action@4.1.5 with: - folder: dist + folder: pull/dist branch: build-previews target-folder: ${{ env.BASE }} single-commit: true From 2e8c3aa242474c67997a4bba43d8e8ee27db8ddc Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 18:58:57 -0400 Subject: [PATCH 13/15] Make `BASE` in cleanup relative --- .github/workflows/preview_cleanup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/preview_cleanup.yml b/.github/workflows/preview_cleanup.yml index 93c4e1aa..8e38f289 100644 --- a/.github/workflows/preview_cleanup.yml +++ b/.github/workflows/preview_cleanup.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest if: github.event.label.name == 'use-preview' env: - BASE: refs/pull/${{ github.event.pull_request.number }} + BASE: ./refs/pull/${{ github.event.pull_request.number }} steps: - uses: actions/checkout@v2 From d123c5c44d486908c6e52e590e2dcbe6a3099ede Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 19:21:55 -0400 Subject: [PATCH 14/15] Fix push issues for cleanup by removing `single-commit` - note: in the future, `JamesIves/github-pages-deploy-action@4.1.5` may need to be replaced or supplemented by git commands to fully reset the preview branch so that images and builds do not linger and take up storage for too long --- .github/workflows/preview_cleanup.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/preview_cleanup.yml b/.github/workflows/preview_cleanup.yml index 8e38f289..1540f4f3 100644 --- a/.github/workflows/preview_cleanup.yml +++ b/.github/workflows/preview_cleanup.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest if: github.event.label.name == 'use-preview' env: - BASE: ./refs/pull/${{ github.event.pull_request.number }} + BASE: refs/pull/${{ github.event.pull_request.number }} steps: - uses: actions/checkout@v2 @@ -28,7 +28,6 @@ jobs: with: folder: . branch: build-previews - single-commit: true - name: send comment uses: marocchino/sticky-pull-request-comment@v2 From f01eb1d70f6d936cb4f0c32ece5b79dd66e84c99 Mon Sep 17 00:00:00 2001 From: brecert Date: Thu, 16 Sep 2021 16:38:18 -0400 Subject: [PATCH 15/15] Add commit messages --- .github/workflows/preview_cleanup.yml | 1 + .github/workflows/preview_pull_request.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/preview_cleanup.yml b/.github/workflows/preview_cleanup.yml index 1540f4f3..c041f58b 100644 --- a/.github/workflows/preview_cleanup.yml +++ b/.github/workflows/preview_cleanup.yml @@ -28,6 +28,7 @@ jobs: with: folder: . branch: build-previews + commit-message: "Cleaning up build result for #${{ github.event.pull_request.number }}" - name: send comment uses: marocchino/sticky-pull-request-comment@v2 diff --git a/.github/workflows/preview_pull_request.yml b/.github/workflows/preview_pull_request.yml index bde8f617..68aca237 100644 --- a/.github/workflows/preview_pull_request.yml +++ b/.github/workflows/preview_pull_request.yml @@ -39,6 +39,7 @@ jobs: branch: build-previews target-folder: ${{ env.BASE }} single-commit: true + commit-message: "Publishing build result from #${{ github.event.pull_request.number }}" - name: send comment uses: marocchino/sticky-pull-request-comment@v2