Skip to content

Enable browser-side caching #201

Enable browser-side caching

Enable browser-side caching #201

#
# GitHub Actions workflow: Builds the site and uploads it to the target server.
#
# For more details on workflows, see README.md.
#
# See also: https://gohugo.io/hosting-and-deployment/hosting-on-github/
#
name: Build and Deploy
# When to run this workflow
# See: https://docs.github.com/en/actions/reference/events-that-trigger-workflows
# See: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#on
on:
# Trigger the workflow on push to the main branch (deploy to production).
push:
branches: [ main ]
# Trigger the workflow for any pull requests (deploy to preview, if "local" PR; don't deploy if PR from fork).
pull_request:
# Allow manual run of this workflow (https://docs.github.com/en/actions/using-workflows/manually-running-a-workflow)
workflow_dispatch:
# Permissions for GITHUB_TOKEN for this workflow.
# See: https://docs.github.com/en/actions/reference/authentication-in-a-workflow#permissions-for-the-github_token
permissions:
contents: read
env:
# Set "DEPLOY_STATE" to "production" if this workflow was triggered by a push to the main branch.
# Set "DEPLOY_STATE" to "preview" in any other case (i.e. pull requests).
DEPLOY_STAGE: ${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main' && 'production' || 'preview' }}
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#concurrency
concurrency:
# Makes this workflow part of the "deploy" concurrency group. (Note that this text can be chosen arbitrarily.)
# NOTE: Unfortunately, we can't use "env.DEPLOY_STAGE" as "env." is not supported.
group: deploy-${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main' && 'production' || 'preview' }}
# Do NOT cancel in-progress runs as we want to allow these deployments to complete.
cancel-in-progress: false
# NOTE: Jobs run in parallel by default.
# https://docs.github.com/en/actions/using-jobs/using-jobs-in-a-workflow
jobs:
build-and-deploy:
# Name the job
name: Build & Deploy
# Set the type of machine to run on
# See: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idruns-on
runs-on: ubuntu-latest
steps:
- name: Install Hugo CLI
run: sudo snap install hugo
# See: https://github.com/actions/setup-node
- name: Setup NodeJS environment
uses: actions/setup-node@v4
with:
node-version: 'latest'
# See: https://github.com/actions/checkout
- name: Clone Git repository
uses: actions/checkout@v4
with:
lfs: true
submodules: true
# IMPORTANT: Fetch the whole history. This is how Hugo determines the (publish) dates for the articles!!!
fetch-depth: 0
# Use this to dump the complete "github" context for the build log.
# - name: Dump GitHub context
# env:
# GITHUB_CONTEXT: ${{ toJson(github) }}
# run: echo "$GITHUB_CONTEXT"
- name: Download node modules (assets)
run: npm install
working-directory: themes/devlog-theme/assets
- name: Download node modules (utils)
run: npm install
working-directory: themes/devlog-theme/_utils
- name: Build site (preview)
if: ${{ env.DEPLOY_STAGE == 'preview' }}
# NOTE: We don't use "--minify" here so that the output remains better readable/diffable.
run: hugo --destination ./public/ --printPathWarnings --logLevel info --panicOnWarning --buildDrafts --baseURL 'https://preview.manski.net'
env:
# Disable search engine crawling for the preview stage.
HUGO_PARAMS_robots: 'noindex,nofollow'
# For pull requests, the git branch name can't be determined by reading ".git/HEAD". So we have to specify it here explicitly.
HUGO_PARAMS_gitBranch: ${{ github.head_ref }}
- name: Build site (production)
if: ${{ env.DEPLOY_STAGE == 'production' }}
run: hugo --destination ./public/ --printPathWarnings --logLevel info --panicOnWarning
- name: Beautify output
run: node beautify.js "../../../public"
working-directory: themes/devlog-theme/_utils
- name: Build search index
run: npx pagefind --site "../../../public"
working-directory: themes/devlog-theme/_utils
# This creates ${{ steps.short-sha.outputs.sha }} to be used below.
# See: https://github.com/marketplace/actions/short-sha
- name: Provide short commit hash to workflow
id: short-sha
uses: benjlevesque/[email protected]
- name: Determine Hugo version
id: hugo-version
run: hugo version | sed -r 's/hugo v([0-9.]+).*/version=\1/' >> $GITHUB_OUTPUT
#
# Store generated files in a zip file in the workflow itself. This way outputs between two workflow runs can be compared,
# if necessary.
#
# NOTE: Artifacts are retained only up to 90 days at the moment. See: https://github.com/orgs/community/discussions/107115
#
# See: https://github.com/actions/upload-artifact
- name: Add generated files to workflow run
uses: actions/upload-artifact@v4
with:
# To make the artifacts easier to differentiate (i.e. when downloading them from different runs),
# we'll add the workflow run number to the name (this is the same number that's also shown in the
# GitHub UI - like 27 for run #27).
#
# NOTE: We also add some context information (like the commit SHA) to the file name to make it easier
# to identify what this artifact represents.
name: 'generated-files_#${{ github.run_number }}_sha-${{ steps.short-sha.outputs.sha }}_hugo-${{ steps.hugo-version.outputs.version }}'
path: ./public/
if-no-files-found: error
# See: https://github.com/marketplace/actions/ftp-deploy
- name: Deploy site
uses: SamKirkland/[email protected]
env:
HAS_ACCESS_TO_SECRETS: ${{ secrets.ftp_username }}
# Only run this step if the workflow has access to the repository's secret. Only pull requests
# from within the repository itself have access. Pull requests from forks don't have access.
# See below.
if: ${{ env.HAS_ACCESS_TO_SECRETS }}
with:
# See: https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions
# IMPORTANT: Secrets are NOT available for pull requests from forked repositories!!!
# Meaning: We don't need to fear that a malicious pull request will overwrite our web site.
# See: https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#using-secrets-in-a-workflow
server: ${{ secrets.ftp_server }}
username: ${{ secrets.ftp_username }}
password: ${{ secrets.ftp_password }}
# Use an encrypted FTP connection.
protocol: ftps
#log-level: verbose
# NOTE: This action actually compares file hashes to determine if a file needs to be uploaded.
local-dir: ./public/
server-dir: ./www_${{ env.DEPLOY_STAGE }}/
state-name: ../sync-state-${{ env.DEPLOY_STAGE }}.json
# NOTE: By default, "exclude" contains "node_modules". We have to remove this exclude rule because
# we use this to ship fontawesome.
# For default, see: https://github.com/marketplace/actions/ftp-deploy#exclude-files
# NOTE: Unfortunately, you don't seem to be able to clear the exclude options because it then will simply
# use the default value again. So we keep some common sense value (even though we don't actually need to
# exclude anything).
exclude: |
**/.git*
**/.git*/**