Add deployment workflow (#7)

Reviewed-on: https://git.hubrecht.ovh/DGNum/dgnum.eu/pulls/7 Co-authored-by: Tom Hubrecht <tom@hubrecht.ovh> Co-committed-by: Tom Hubrecht <tom@hubrecht.ovh>
2023-06-30 09:56:50 +00:00 · 2023-06-30 09:56:50 +00:00 · c665ce2eb6
parent 8056829c14
commit c665ce2eb6
6 changed files with 112 additions and 6 deletions
--- a/.forgejo/workflows/deploy-dgnum.yaml
+++ b/.forgejo/workflows/deploy-dgnum.yaml
@ -0,0 +1,66 @@
+name: Publish website to Codeberg Pages
+run-name: publish-dgnum.eu
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  publish:
+    runs-on: native
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          path: dgnum.eu
+
+      - name: Build website
+        run: |
+          # Hack to set the cache in the working directory
+          HOME="$GITHUB_WORKSPACE" nix-build dgnum.eu
+
+      - name: Push new website
+        run: |
+          export HOME="$GITHUB_WORKSPACE"
+
+          echo "[+] Using SSH_DEPLOY_KEY"
+
+          # Setup deploy key
+          DEPLOY_KEY_FILE="$HOME/.ssh/deploy_key"
+          mkdir .ssh
+          echo "${SSH_DEPLOY_KEY}" > "$DEPLOY_KEY_FILE"
+          chmod 600 "$DEPLOY_KEY_FILE"
+
+          # Setup known hosts
+          KNOWN_HOSTS_FILE="$HOME/.ssh/known_hosts"
+          ssh-keyscan -H codeberg.org > "$KNOWN_HOSTS_FILE"
+
+          export GIT_SSH_COMMAND="ssh -i $DEPLOY_KEY_FILE -o UserKnownHostsFile=$KNOWN_HOSTS_FILE"
+          GIT_CMD_REPOSITORY="git@codeberg.org:DGNum/$GIT_REPOSITORY.git"
+
+          echo "[+] Cloning remote repository"
+          git clone --single-branch --depth 1 --branch main "$GIT_CMD_REPOSITORY" "$GIT_REPOSITORY"
+
+          git config --global user.email "$GIT_USER_EMAIL"
+          git config --global user.name  "$GIT_USER_NAME"
+
+          echo "[+] Updating assets"
+          rm -r "$GIT_REPOSITORY"/*
+
+          # Update assets
+          cp -R --no-preserve=mode,ownership,timestamps result/* "$GIT_REPOSITORY/"
+          cd "$GIT_REPOSITORY"
+
+          echo "[+] Creating commit"
+          ORIGIN_COMMIT="https://$GIT_ORIGIN_SERVER/$GITHUB_REPOSITORY/commit/$GITHUB_SHA"
+          git add .
+          git diff-index --quiet HEAD || git commit --message "Automatic pages update from $ORIGIN_COMMIT"
+
+          echo "[+] Pushing update"
+          git push "$GIT_CMD_REPOSITORY" --set-upstream main
+        env:
+          SSH_DEPLOY_KEY: ${{ secrets.SSH_DEPLOY_KEY }}
+          GIT_REPOSITORY: pages
+          GIT_USER_EMAIL: automated-update@dgnum.eu
+          GIT_USER_NAME: Forgejo Action
+          GIT_ORIGIN_SERVER: git.hubrecht.ovh
--- a/default.nix
+++ b/default.nix
@ -0,0 +1,10 @@
+(import
+  (
+    let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
+    fetchTarball {
+      url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
+      sha256 = lock.nodes.flake-compat.locked.narHash;
+    }
+  )
+  { src = ./.; }
+).defaultNix
--- a/flake.lock
+++ b/flake.lock
@ -1,5 +1,21 @@
 {
  "nodes": {
+    "flake-compat": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1673956053,
+        "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
    "flake-utils": {
      "inputs": {
        "systems": "systems"
@ -35,6 +51,7 @@
    },
    "root": {
      "inputs": {
+        "flake-compat": "flake-compat",
        "flake-utils": "flake-utils",
        "nixpkgs": "nixpkgs"
      }
--- a/flake.nix
+++ b/flake.nix
@ -4,15 +4,20 @@
  inputs = {
    nixpkgs.url = "nixpkgs/nixos-unstable";
    flake-utils.url = "github:numtide/flake-utils";
+    flake-compat = {
+      url = "github:edolstra/flake-compat";
+      flake = false;
+    };
  };

-  outputs = { self, nixpkgs, flake-utils }:
+  outputs = { self, nixpkgs, flake-utils, ... }:
    flake-utils.lib.eachDefaultSystem (system:
      let
        pkgs = nixpkgs.legacyPackages.${system};
        ssg = pkgs.callPackage ./ssg { };
        defaultInputs = with pkgs; [ nixfmt shellcheck ];
-      in {
+      in
+      {
        formatter = pkgs.nixfmt;

        devShells = {
--- a/site/default.nix
+++ b/site/default.nix
@ -1,4 +1,8 @@
-{ glibcLocales, nix-gitignore, ssg, stdenv }:
+{ glibcLocales
+, nix-gitignore
+, ssg
+, stdenv
+}:

 stdenv.mkDerivation {
  name = "dgnum.eu";
--- a/ssg/default.nix
+++ b/ssg/default.nix
@ -1,4 +1,8 @@
-{ haskellPackages, locale, nix-gitignore }:
+{ haskellPackages
+, nix-gitignore
+}:

-let srcs = nix-gitignore.gitignoreSourcePure ../.gitignore ./.;
-in haskellPackages.callCabal2nix "ssg" srcs { }
+haskellPackages.callCabal2nix
+  "ssg"
+  (nix-gitignore.gitignoreSourcePure ../.gitignore ./.)
+{ }