From 05979249963bd0c8daadf2fd92373e707010b292 Mon Sep 17 00:00:00 2001 From: brecert Date: Mon, 13 Sep 2021 23:54:39 -0400 Subject: [PATCH 01/15] Add support for external repositories with pull request previews --- .github/actions/build/action.yml | 34 ++++++++++++++++++++++ .github/workflows/preview_cleanup.yml | 4 +-- .github/workflows/preview_pull_request.yml | 31 +++++++++++--------- 3 files changed, 53 insertions(+), 16 deletions(-) create mode 100644 .github/actions/build/action.yml diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml new file mode 100644 index 00000000..2993627d --- /dev/null +++ b/.github/actions/build/action.yml @@ -0,0 +1,34 @@ +name: Build +description: Builds a project instance, assuming all the correct project files are in the build folder + +inputs: + base: + name: Base path + description: The path to use as a base for linking + required: true + default: / + folder: + name: Build Folder + description: The folder to try to build from + required: true + default: . + +runs: + using: composite + steps: + - name: Setup Node + uses: actions/setup-node@v2 + with: + node-version: 15 + cache: "yarn" + + - run: yarn install + # - run: yarn check + + - name: build + env: + BUILD_FOLDER: ${{ inputs.folder }} + BASE: ${{ inputs.base }} + run: | + cd "$BUILD_FOLDER" + yarn build --base "$BASE" diff --git a/.github/workflows/preview_cleanup.yml b/.github/workflows/preview_cleanup.yml index b7aa1d9a..9eb68100 100644 --- a/.github/workflows/preview_cleanup.yml +++ b/.github/workflows/preview_cleanup.yml @@ -1,8 +1,8 @@ name: Clean Preview #! Safety: -#! this workflow should not execute any code at all -#! see githubs docs on pull_request_target for more +#! this workflow should not execute any untrusted input at all +#! see the docs on `pull_request_target` for more on: pull_request_target: types: [unlabeled] diff --git a/.github/workflows/preview_pull_request.yml b/.github/workflows/preview_pull_request.yml index 6a0a239a..62512ddc 100644 --- a/.github/workflows/preview_pull_request.yml +++ b/.github/workflows/preview_pull_request.yml @@ -1,40 +1,43 @@ name: Preview Pull Request +#! Safety: +#! this workflow should not execute any untrusted input at all +#! see the docs on `pull_request_target` for more on: - pull_request: + pull_request_target: types: [synchronize, reopened, labeled] jobs: - build: + preview: runs-on: ubuntu-latest # make sure the pull request is labeled with 'use-preview' if: github.event.label.name == 'use-preview' || contains(github.event.pull_request.labels.*.name, 'use-preview') + env: + BASE: refs/pull/${{ github.event.pull_request.number }}/merge + REPO: ${{ github.event.repository.name }} steps: + - uses: actions/checkout@v2 + - uses: actions/checkout@v2 with: # Head commit of the pull request ref: ${{ github.event.pull_request.head.sha }} + path: pull submodules: recursive - - name: Setup Node - uses: actions/setup-node@v2 - with: - node-version: 15 - cache: "yarn" - - - run: yarn install - # - run: yarn check - - name: build - run: yarn build --base "/revite/${{ github.ref }}/" + uses: ./.github/actions/build_preview + with: + base: /${{ env.REPO }}/${{ env.BASE }}/ + folder: pull - name: publish preview uses: JamesIves/github-pages-deploy-action@4.1.5 with: folder: dist branch: build-previews - target-folder: ${{ github.ref }} + target-folder: ${{ env.BASE }} single-commit: true - name: send comment @@ -43,6 +46,6 @@ jobs: header: Preview environment message: | ## Preview environment - https://${{ github.repository_owner }}.github.io/revite/${{ github.ref }}/ + https://${{ github.repository_owner }}.github.io/${{ env.REPO }}/${{ env.BASE }}/ This link will remain active until the `use-preview` label is removed. From 76bdd554fb56e6a99bd835da4251c34816d60e28 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 00:03:58 -0400 Subject: [PATCH 02/15] Improve preview cleanup interpolation --- .github/workflows/preview_cleanup.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/preview_cleanup.yml b/.github/workflows/preview_cleanup.yml index 9eb68100..93c4e1aa 100644 --- a/.github/workflows/preview_cleanup.yml +++ b/.github/workflows/preview_cleanup.yml @@ -11,6 +11,8 @@ jobs: clean: runs-on: ubuntu-latest if: github.event.label.name == 'use-preview' + env: + BASE: refs/pull/${{ github.event.pull_request.number }} steps: - uses: actions/checkout@v2 @@ -19,7 +21,7 @@ jobs: persist-credentials: false - name: clean previews - run: 'rm -rf "./refs/pull/${{ github.event.pull_request.number }}"' + run: rm -rf "$BASE" - name: publish cleaned previews uses: JamesIves/github-pages-deploy-action@4.1.5 From 6fa4aca8a965834b6dff5c18d3f3dcc6bfe547ea Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 00:22:16 -0400 Subject: [PATCH 03/15] Change mirror to only run if a key is set --- .github/workflows/mirroring.yml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/.github/workflows/mirroring.yml b/.github/workflows/mirroring.yml index 096a64f9..3f1d27fa 100644 --- a/.github/workflows/mirroring.yml +++ b/.github/workflows/mirroring.yml @@ -3,13 +3,12 @@ name: Mirroring on: [push, delete] jobs: - to_gitlab: - runs-on: ubuntu-18.04 - steps: - - uses: actions/checkout@v1 - - uses: pixta-dev/repository-mirroring-action@v1 - with: - target_repo_url: - git@gitlab.com:insert/revolt-vite.git - ssh_private_key: - ${{ secrets.GITLAB_SSH_PRIVATE_KEY }} + to_gitlab: + runs-on: ubuntu-18.04 + if: ${{ secrets.GITLAB_SSH_PRIVATE_KEY }} + steps: + - uses: actions/checkout@v1 + - uses: pixta-dev/repository-mirroring-action@v1 + with: + target_repo_url: git@gitlab.com:insert/revolt-vite.git + ssh_private_key: ${{ secrets.GITLAB_SSH_PRIVATE_KEY }} From 3899f75ed3309f75573ed4a1aafee4ac55e09db1 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 00:26:18 -0400 Subject: [PATCH 04/15] Change docker workflow to exclude preview workflows - changed the docker workflow to exclude preview workflows from causing the docker workflow to run again --- .github/workflows/docker.yml | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 424f4a8c..5e70a239 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -9,6 +9,7 @@ on: paths-ignore: - ".github/**" - "!.github/workflows/docker.yml" + - "!.github/workflows/preview_*.yml" - ".vscode/**" - ".gitignore" - ".gitlab-ci.yml" @@ -23,8 +24,8 @@ jobs: test: runs-on: ubuntu-latest strategy: - matrix: - architecture: [linux/amd64] + matrix: + architecture: [linux/amd64] steps: - name: Checkout uses: actions/checkout@v2 @@ -37,8 +38,8 @@ jobs: - name: Cache Docker layers uses: actions/cache@v2 with: - path: /tmp/.buildx-cache/${{ matrix.architecture }} - key: ${{ runner.os }}-buildx-${{ matrix.architecture }}-${{ github.sha }} + path: /tmp/.buildx-cache/${{ matrix.architecture }} + key: ${{ runner.os }}-buildx-${{ matrix.architecture }}-${{ github.sha }} - name: Build uses: docker/build-push-action@v2 with: @@ -48,8 +49,8 @@ jobs: cache-to: type=local,dest=/tmp/.buildx-cache-new/${{ matrix.architecture }},mode=max - name: Move cache run: | - rm -rf /tmp/.buildx-cache/${{ matrix.architecture }} - mv /tmp/.buildx-cache-new/${{ matrix.architecture }} /tmp/.buildx-cache/${{ matrix.architecture }} + rm -rf /tmp/.buildx-cache/${{ matrix.architecture }} + mv /tmp/.buildx-cache-new/${{ matrix.architecture }} /tmp/.buildx-cache/${{ matrix.architecture }} publish: needs: [test] @@ -67,8 +68,8 @@ jobs: - name: Cache amd64 Docker layers uses: actions/cache@v2 with: - path: /tmp/.buildx-cache/linux/amd64 - key: ${{ runner.os }}-buildx-linux/amd64-${{ github.sha }} + path: /tmp/.buildx-cache/linux/amd64 + key: ${{ runner.os }}-buildx-linux/amd64-${{ github.sha }} - name: Docker meta id: meta uses: docker/metadata-action@v3 @@ -97,5 +98,5 @@ jobs: cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - name: Move cache run: | - rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache From dcd84b3d2327d00a3b707175a3976c17d5cf99a6 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 00:27:30 -0400 Subject: [PATCH 05/15] Use ignored paths for `pull_request` events as well --- .github/workflows/docker.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 5e70a239..8d3ece01 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -18,6 +18,15 @@ on: pull_request: branches: - "master" + paths-ignore: + - ".github/**" + - "!.github/workflows/docker.yml" + - "!.github/workflows/preview_*.yml" + - ".vscode/**" + - ".gitignore" + - ".gitlab-ci.yml" + - "LICENSE" + - "README" workflow_dispatch: jobs: From 16423703ea4a0de5c6f70004fc6f1932323122e4 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 00:44:46 -0400 Subject: [PATCH 06/15] Fix secret not needing to be interpolated --- .github/workflows/mirroring.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/mirroring.yml b/.github/workflows/mirroring.yml index 3f1d27fa..8968a04f 100644 --- a/.github/workflows/mirroring.yml +++ b/.github/workflows/mirroring.yml @@ -5,7 +5,7 @@ on: [push, delete] jobs: to_gitlab: runs-on: ubuntu-18.04 - if: ${{ secrets.GITLAB_SSH_PRIVATE_KEY }} + if: secrets.GITLAB_SSH_PRIVATE_KEY steps: - uses: actions/checkout@v1 - uses: pixta-dev/repository-mirroring-action@v1 From 801903343298be4f8248b66ce8d89f99fc652b54 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 00:51:27 -0400 Subject: [PATCH 07/15] Fix `build` being `build_preview` --- .github/workflows/preview_pull_request.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/preview_pull_request.yml b/.github/workflows/preview_pull_request.yml index 62512ddc..5d219f38 100644 --- a/.github/workflows/preview_pull_request.yml +++ b/.github/workflows/preview_pull_request.yml @@ -27,7 +27,7 @@ jobs: submodules: recursive - name: build - uses: ./.github/actions/build_preview + uses: ./.github/actions/build with: base: /${{ env.REPO }}/${{ env.BASE }}/ folder: pull From 09fd82300702e355c321d5687ebb1113779942da Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 01:10:57 -0400 Subject: [PATCH 08/15] Fix shell not being included for build action --- .github/actions/build/action.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 2993627d..8212824b 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -13,6 +13,10 @@ inputs: required: true default: . +env: + BUILD_FOLDER: ${{ inputs.folder }} + BASE: ${{ inputs.base }} + runs: using: composite steps: @@ -22,13 +26,12 @@ runs: node-version: 15 cache: "yarn" - - run: yarn install - # - run: yarn check + - name: install dependencies + shell: bash -l {0} + run: yarn install - name: build - env: - BUILD_FOLDER: ${{ inputs.folder }} - BASE: ${{ inputs.base }} + shell: bash -l {0} run: | cd "$BUILD_FOLDER" yarn build --base "$BASE" From 0be8c625e4f9dbb2c21617c82eb44da63812876c Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 01:16:31 -0400 Subject: [PATCH 09/15] Fix env location --- .github/actions/build/action.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 8212824b..92cb62be 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -13,10 +13,6 @@ inputs: required: true default: . -env: - BUILD_FOLDER: ${{ inputs.folder }} - BASE: ${{ inputs.base }} - runs: using: composite steps: @@ -31,6 +27,9 @@ runs: run: yarn install - name: build + env: + BUILD_FOLDER: ${{ inputs.folder }} + BASE: ${{ inputs.base }} shell: bash -l {0} run: | cd "$BUILD_FOLDER" From ebe4b813ac02ef9e19b83200f9af463aa03411f1 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 01:30:52 -0400 Subject: [PATCH 10/15] Merge install and build together --- .github/actions/build/action.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 92cb62be..b86ee3aa 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -22,15 +22,11 @@ runs: node-version: 15 cache: "yarn" - - name: install dependencies + - name: Install Dependencies and Build shell: bash -l {0} - run: yarn install - - - name: build env: BUILD_FOLDER: ${{ inputs.folder }} BASE: ${{ inputs.base }} - shell: bash -l {0} run: | - cd "$BUILD_FOLDER" + yarn install yarn build --base "$BASE" From b1b205c9a83534af8ce4feea8a5f29ab5734615a Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 01:37:37 -0400 Subject: [PATCH 11/15] Fix not `cd`ing into the folder --- .github/actions/build/action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index b86ee3aa..ff62e3f7 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -28,5 +28,6 @@ runs: BUILD_FOLDER: ${{ inputs.folder }} BASE: ${{ inputs.base }} run: | + cd "$BUILD_FOLDER" yarn install yarn build --base "$BASE" From 76430b2d33e60777cdf93946c7d2a5823ffcafce Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 01:48:28 -0400 Subject: [PATCH 12/15] Fix wrong folder --- .github/workflows/preview_pull_request.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/preview_pull_request.yml b/.github/workflows/preview_pull_request.yml index 5d219f38..bde8f617 100644 --- a/.github/workflows/preview_pull_request.yml +++ b/.github/workflows/preview_pull_request.yml @@ -35,7 +35,7 @@ jobs: - name: publish preview uses: JamesIves/github-pages-deploy-action@4.1.5 with: - folder: dist + folder: pull/dist branch: build-previews target-folder: ${{ env.BASE }} single-commit: true From 0aaa649fd17974136c40ebdca31de889ce8c1811 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 18:58:57 -0400 Subject: [PATCH 13/15] Make `BASE` in cleanup relative --- .github/workflows/preview_cleanup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/preview_cleanup.yml b/.github/workflows/preview_cleanup.yml index 93c4e1aa..8e38f289 100644 --- a/.github/workflows/preview_cleanup.yml +++ b/.github/workflows/preview_cleanup.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest if: github.event.label.name == 'use-preview' env: - BASE: refs/pull/${{ github.event.pull_request.number }} + BASE: ./refs/pull/${{ github.event.pull_request.number }} steps: - uses: actions/checkout@v2 From 4b99c9d4717342e607dcb4ded971a188a11fbb85 Mon Sep 17 00:00:00 2001 From: brecert Date: Tue, 14 Sep 2021 19:21:55 -0400 Subject: [PATCH 14/15] Fix push issues for cleanup by removing `single-commit` - note: in the future, `JamesIves/github-pages-deploy-action@4.1.5` may need to be replaced or supplemented by git commands to fully reset the preview branch so that images and builds do not linger and take up storage for too long --- .github/workflows/preview_cleanup.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/preview_cleanup.yml b/.github/workflows/preview_cleanup.yml index 8e38f289..1540f4f3 100644 --- a/.github/workflows/preview_cleanup.yml +++ b/.github/workflows/preview_cleanup.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest if: github.event.label.name == 'use-preview' env: - BASE: ./refs/pull/${{ github.event.pull_request.number }} + BASE: refs/pull/${{ github.event.pull_request.number }} steps: - uses: actions/checkout@v2 @@ -28,7 +28,6 @@ jobs: with: folder: . branch: build-previews - single-commit: true - name: send comment uses: marocchino/sticky-pull-request-comment@v2 From 408fbdf90cfd457aafabe2326ad885a1c6175ab4 Mon Sep 17 00:00:00 2001 From: brecert Date: Thu, 16 Sep 2021 16:38:18 -0400 Subject: [PATCH 15/15] Add commit messages --- .github/workflows/preview_cleanup.yml | 1 + .github/workflows/preview_pull_request.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/preview_cleanup.yml b/.github/workflows/preview_cleanup.yml index 1540f4f3..c041f58b 100644 --- a/.github/workflows/preview_cleanup.yml +++ b/.github/workflows/preview_cleanup.yml @@ -28,6 +28,7 @@ jobs: with: folder: . branch: build-previews + commit-message: "Cleaning up build result for #${{ github.event.pull_request.number }}" - name: send comment uses: marocchino/sticky-pull-request-comment@v2 diff --git a/.github/workflows/preview_pull_request.yml b/.github/workflows/preview_pull_request.yml index bde8f617..68aca237 100644 --- a/.github/workflows/preview_pull_request.yml +++ b/.github/workflows/preview_pull_request.yml @@ -39,6 +39,7 @@ jobs: branch: build-previews target-folder: ${{ env.BASE }} single-commit: true + commit-message: "Publishing build result from #${{ github.event.pull_request.number }}" - name: send comment uses: marocchino/sticky-pull-request-comment@v2