Update followers of avatars #205
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test & deploy | |
on: | |
pull_request: | |
types: [opened, synchronize] | |
push: | |
branches: | |
- main | |
# Kill already running jobs after a new push | |
concurrency: | |
group: ${{ github.head_ref || github.ref }} | |
cancel-in-progress: true | |
env: | |
node-version: "20.11.1" | |
jobs: | |
lint: | |
name: Lint with Prettier | |
runs-on: ubuntu-latest | |
timeout-minutes: 5 | |
steps: | |
- name: Checkout "${{ github.event.pull_request.head.repo.full_name }}:${{ github.head_ref }}" branch | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.ref }} | |
repository: ${{ github.event.pull_request.head.repo.full_name }} | |
- name: Fail on forbidden words | |
uses: simpleanalytics/fail-on-found-action@v2 | |
with: | |
query: 'console.log,.indexOf(",.indexOf(''' | |
exclude: "node_modules,.git" | |
- name: Prettier Action | |
uses: creyD/prettier_action@v4.3 | |
with: | |
dry: true | |
prettier_version: "3.2.5" | |
prettier_options: "--check --write {,!(static|.github)/**/}*.{js,vue,html,json,md,yml,css,scss}" | |
commit_message: "Run prettier via GitHub Action" | |
file_pattern: "." | |
env: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
build: | |
runs-on: ubuntu-latest | |
needs: [lint] | |
steps: | |
- name: Check Out Repo | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Cache Docker layers | |
uses: actions/cache@v4 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Build and push | |
id: docker_build | |
uses: docker/build-push-action@v5 | |
with: | |
context: ./ | |
file: ./Dockerfile | |
push: ${{ github.ref == 'refs/heads/main' }} | |
tags: ghcr.io/simpleanalytics/marketing-site:latest | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache | |
build-args: | | |
"BUILD_REV=${{ github.sha }}" | |
secrets: | | |
"github_pat=${{ secrets.PERSONAL_ACCESS_TOKEN_ADRIAAN_READ_PACKAGES }}" | |
deploy: | |
runs-on: ubuntu-latest | |
needs: [lint, build] | |
if: github.ref == 'refs/heads/main' | |
steps: | |
- name: Deploy | |
env: | |
DEPLOY_SSH_KEY: "${{ secrets.DEPLOY_SSH_KEY }}" | |
# If server changes keys, update this variable with "ssh-keyscan cms.simpleanalytics.com | grep ed25519" | |
# Saving the server public key protects against MITM attacks. | |
KNOWN_HOSTS: "www.simpleanalytics.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBRvG5ld8OWPVR/7/PpsG46QwKXff6wA72VMySgFZ0JG" | |
run: | | |
mkdir -p ~/.ssh | |
echo "$KNOWN_HOSTS" >> ~/.ssh/known_hosts | |
echo "$DEPLOY_SSH_KEY" > /tmp/ssh_key | |
chmod 600 /tmp/ssh_key | |
ssh -i /tmp/ssh_key -T app@www.simpleanalytics.com |