diff options
Diffstat (limited to '.github')
| -rw-r--r-- | .github/dependabot.yml | 15 | ||||
| -rw-r--r-- | .github/workflows/auto-merge.yml | 42 | ||||
| -rw-r--r-- | .github/workflows/lint-build.yml | 98 | ||||
| -rw-r--r-- | .github/workflows/mod-update.yml | 61 |
4 files changed, 216 insertions, 0 deletions
diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..4de5f8a --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,15 @@ +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + open-pull-requests-limit: 10 + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + versioning-strategy: increase diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml new file mode 100644 index 0000000..f67b52d --- /dev/null +++ b/.github/workflows/auto-merge.yml @@ -0,0 +1,42 @@ +# Source: https://nicolasiensen.github.io/2022-07-23-automating-dependency-updates-with-dependabot-github-auto-merge-and-github-actions/ +name: Dependabot auto-merge +on: pull_request_target + +permissions: + pull-requests: write + contents: write + +jobs: + review-dependabot-pr: + runs-on: ubuntu-latest + # remove next line and uncomment the line after to enable auto merge + if: false + # if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }} + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v2 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + + - name: Enable auto-merge for Dependabot PRs + run: gh pr merge --auto --merge "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + + - name: Approve patch and minor updates + if: ${{steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch' || steps.dependabot-metadata.outputs.update-type == 'version-update:semver-minor'}} + run: gh pr review $PR_URL --approve -b "I'm **approving** this pull request because **it includes a patch or minor update**" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + + - name: Comment on major updates of any dependencies + if: ${{steps.dependabot-metadata.outputs.update-type == 'version-update:semver-major'}} + run: | + gh pr comment $PR_URL --body "I'm **not approving** this PR because **it includes a major update of a dependency**" + gh pr edit $PR_URL --add-label "requires-manual-qa" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} diff --git a/.github/workflows/lint-build.yml b/.github/workflows/lint-build.yml new file mode 100644 index 0000000..7228fef --- /dev/null +++ b/.github/workflows/lint-build.yml @@ -0,0 +1,98 @@ +name: Lint & build +on: + workflow_dispatch: + push: + tags: + - v* + branches: [ main ] + pull_request: + branches: [ main ] + +env: + CACHE_KEY: 'hugo-hinode-template' + CACHE_PATH_DEBIAN: '/tmp/hugo_cache_runner' + CACHE_PATH_WIN: '~\AppData\Local\hugo_cache' + CACHE_PATH_MAC: '/Users/runner/Library/Caches/hugo_cache' + +jobs: + lint: + runs-on: ubuntu-latest + + steps: + - name: Check out repository + uses: actions/checkout@v4 + + - name: Set up Node.js + uses: actions/setup-node@v4 + with: + node-version: lts/* + cache: 'npm' + cache-dependency-path: '**/package-lock.json' + + # [24/AUG/23] Adjusted from npm ci to prevent EBADPLATFORM error due to fsevents + - name: Install npm + run: npm i + + - name: Lint the source files + run: npm run lint + + build: + needs: lint + + strategy: + matrix: + os: [macos-latest, windows-latest, ubuntu-latest] + # See supported Node.js release schedule at https://nodejs.org/en/about/releases/ + node-version: [20.x, 22.x] + + runs-on: ${{ matrix.os }} + + steps: + - name: Check out repository + uses: actions/checkout@v4 + + - name: Install Go + uses: actions/setup-go@v5 + with: + go-version: ">1.0.0" + + - name: Set up Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v4 + with: + node-version: ${{ matrix.node-version }} + cache: 'npm' + cache-dependency-path: '**/package-lock.json' + + - name: Install Dart Sass + run: | + if [ "$RUNNER_OS" == "Linux" ]; then + sudo snap install dart-sass + elif [ "$RUNNER_OS" == "macOS" ]; then + brew install sass/sass/sass + elif [ "$RUNNER_OS" == "Windows" ]; then + choco install sass + fi + shell: bash + + # [24/AUG/23] Adjusted from npm ci for non-macOS to prevent EBADPLATFORM error due to fsevents + - name: Perform clean install of npm + run: | + if [ "$RUNNER_OS" == "macOS" ]; then + npm ci + else + npm i + fi + shell: bash + + # Cache Hugo cachedir and resourcedir (configured in config/ci/hugo.toml) for each OS + # No additional cache invalidation is needed, Hugo uses checksums itself + - name: Use Hugo cache + uses: actions/cache@v4 + with: + path: ${{ runner.os == 'Windows' && env.CACHE_PATH_WIN || runner.os == 'macOS' && env.CACHE_PATH_MAC || env.CACHE_PATH_DEBIAN }} + key: ${{ runner.os }}-${{ env.CACHE_KEY }} + restore-keys: | + ${{ runner.os }}-${{ env.CACHE_KEY }} + + - name: Build main site + run: npm run build:cache diff --git a/.github/workflows/mod-update.yml b/.github/workflows/mod-update.yml new file mode 100644 index 0000000..9c12b22 --- /dev/null +++ b/.github/workflows/mod-update.yml @@ -0,0 +1,61 @@ +name: Update Hugo dependencies +on: + workflow_dispatch: + schedule: + - cron: '0 3 * * *' # run daily at 03:00 AM + +permissions: + contents: write + pull-requests: write + +jobs: + update-mod: + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: lts/* + cache: 'npm' + cache-dependency-path: '**/package-lock.json' + + # [26/AUG/23] Adjusted from npm ci to prevent EBADPLATFORM error due to fsevents + - name: Install npm + run: npm i + + - name: Update Hugo module dependencies + id: mod-updates + run: | + MOD_OUTPUT=$(npm run mod:update 2>&1) + echo "$MOD_OUTPUT" + MOD_UPDATES=$(echo "$MOD_OUTPUT" | grep '^go: upgraded' | sed 's/go: / - /' | sort -u) + echo 'MOD_UPDATES<<EOF' >> $GITHUB_OUTPUT + echo "$MOD_UPDATES" >> "$GITHUB_OUTPUT" + echo 'EOF' >> $GITHUB_OUTPUT + + - name: Create Pull Request + uses: gethinode/create-pull-request@v6 + with: + token: ${{ secrets.HUGO_MOD_PR }} + commit-message: 'fix: update Hugo module dependencies' + committer: GitHub <noreply@github.com> + branch: hugo-mod-dependencies + delete-branch: true + title: 'Update Hugo module dependencies' + body: | + This PR is auto-generated by [create-pull-request][1]. + + Changes to go.mod: + + ${{ steps.mod-updates.outputs.MOD_UPDATES }} + + [1]: https://github.com/peter-evans/create-pull-request + labels: dependencies + add-paths: | + go.mod + go.sum + # add **/go.mod **/go.sum if your repository contains any modules in a subfolder |