Skip to content

Commit

Permalink
Migrate to GitHub Actions
Browse files Browse the repository at this point in the history
  • Loading branch information
foolip committed Jun 17, 2020
1 parent 4dfbab2 commit 7c0aa27
Show file tree
Hide file tree
Showing 7 changed files with 33 additions and 51 deletions.
24 changes: 24 additions & 0 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
name: Test
on:
pull_request:
branches:
- master
push:
branches:
- master
jobs:
build:
name: Test
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- run: shellcheck *.sh
- run: shellcheck ci-deploy/*.sh
- uses: actions/checkout@v2
with:
repository: whatwg/html
fetch-depth: 2
path: ../html
- run: ./ci-deploy/outside-container.sh
env:
IS_TEST_OF_HTML_BUILD_ITSELF: true
19 changes: 0 additions & 19 deletions .travis.yml

This file was deleted.

4 changes: 1 addition & 3 deletions ci-deploy/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# This Dockerfile is just used to run on Travis CI in an environment that can easily and repeatedly
# This Dockerfile is just used to run in CI in an environment that can easily and repeatedly
# install our build dependencies.
FROM debian:stable

Expand Down Expand Up @@ -48,9 +48,7 @@ ADD html-build /whatwg/html-build
# on Docker Hub.
ENV HTML_SOURCE /whatwg/html

ARG travis_pull_request
ARG is_test_of_html_build_itself
ENV TRAVIS_PULL_REQUEST=${travis_pull_request}
ENV IS_TEST_OF_HTML_BUILD_ITSELF=${is_test_of_html_build_itself}

ENV SKIP_BUILD_UPDATE_CHECK=true
Expand Down
2 changes: 1 addition & 1 deletion ci-deploy/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# HTML Standard CI Deploy

This directory contains files used specifically for deploying the HTML Standard on Travis CI. They are not generally relevant to local builds.
This directory contains files used specifically for deploying the HTML Standard in CI. They are not generally relevant to local builds.

The setup is assumed to be a directory containing:

Expand Down
Binary file removed ci-deploy/deploy-key.enc
Binary file not shown.
22 changes: 7 additions & 15 deletions ci-deploy/inside-container.sh
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,6 @@ SERVER_PUBLIC_KEY="ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzd
HTML_OUTPUT="$(pwd)/output"
export HTML_OUTPUT

# Note: $TRAVIS_PULL_REQUEST is either a number or false, not true or false.
# https://docs.travis-ci.com/user/environment-variables/#Default-Environment-Variables
TRAVIS_PULL_REQUEST=${TRAVIS_PULL_REQUEST:-false}
IS_TEST_OF_HTML_BUILD_ITSELF=${IS_TEST_OF_HTML_BUILD_ITSELF:-false}

# Build the spec into the output directory
Expand All @@ -33,7 +30,7 @@ unzip vnu.linux.zip
./vnu-runtime-image/bin/java -Xmx1g -m vnu/nu.validator.client.SimpleCommandLineValidator --skip-non-html "$HTML_OUTPUT"
echo ""

if [[ "$TRAVIS_PULL_REQUEST" != "false" ]]; then
if [[ "$GITHUB_EVENT_NAME" != "push" || "$GITHUB_REF" != "refs/heads/master" ]]; then
echo "Skipping deploy for non-master"
exit 0
fi
Expand All @@ -42,17 +39,14 @@ if [[ "$IS_TEST_OF_HTML_BUILD_ITSELF" == "true" ]]; then
exit 0
fi

# Add the (decoded) deploy key to the SSH agent, so scp works
chmod 600 html/deploy-key
eval "$(ssh-agent -s)"
ssh-add html/deploy-key
echo "$SERVER $SERVER_PUBLIC_KEY" > known_hosts
# Add the deploy key to the SSH agent, so scp works
echo "$SERVER_DEPLOY_KEY" | ssh-add -
mkdir -p ~/.ssh/ && echo "$SERVER $SERVER_PUBLIC_KEY" > ~/.ssh/known_hosts

# Sync, including deletes, but ignoring the stuff we'll deploy below, so that we don't delete them.
echo "Deploying build output..."
# --chmod=D755,F644 means read-write for user, read-only for others.
rsync --rsh="ssh -o UserKnownHostsFile=known_hosts" \
--archive --chmod=D755,F644 --compress --verbose \
rsync --archive --chmod=D755,F644 --compress --verbose \
--delete --exclude="$COMMITS_DIR" --exclude="$REVIEW_DIR" \
--exclude=print.pdf \
"$HTML_OUTPUT/" "deploy@$SERVER:/var/www/$WEB_ROOT"
Expand All @@ -62,8 +56,7 @@ rsync --rsh="ssh -o UserKnownHostsFile=known_hosts" \
echo ""
echo "Deploying Commit Snapshot and Review Drafts, if any..."
# --chmod=D755,F644 means read-write for user, read-only for others.
rsync --rsh="ssh -o UserKnownHostsFile=known_hosts" \
--archive --chmod=D755,F644 --compress --verbose \
rsync --archive --chmod=D755,F644 --compress --verbose \
"$HTML_OUTPUT/$COMMITS_DIR" "$HTML_OUTPUT/$REVIEW_DIR" "deploy@$SERVER:/var/www/$WEB_ROOT"

echo ""
Expand All @@ -77,8 +70,7 @@ pdfsizeopt --v=40 "$PDF_TMP" "$HTML_OUTPUT/print.pdf"

echo ""
echo "Deploying PDF..."
rsync --rsh="ssh -o UserKnownHostsFile=known_hosts" \
--archive --compress --verbose \
rsync --archive --compress --verbose \
"$HTML_OUTPUT/print.pdf" "deploy@$SERVER:/var/www/$WEB_ROOT/print.pdf"

echo ""
Expand Down
13 changes: 0 additions & 13 deletions ci-deploy/outside-container.sh
Original file line number Diff line number Diff line change
Expand Up @@ -10,12 +10,10 @@ DOCKER_USERNAME="domenicdenicola"
DOCKER_HUB_REPO="whatwg/html-deploy"

# Set from the outside:
TRAVIS_PULL_REQUEST=${TRAVIS_PULL_REQUEST:-false}
IS_TEST_OF_HTML_BUILD_ITSELF=${IS_TEST_OF_HTML_BUILD_ITSELF:-false}

# When not running pull request builds:
# - DOCKER_PASSWORD is set from the outside
# - ENCRYPTION_LABEL is set from the outside

git clone --depth 1 https://github.com/pts/pdfsizeopt.git pdfsizeopt

Expand All @@ -27,19 +25,8 @@ cp "$HERE"/{.dockerignore,Dockerfile} .
docker pull "$DOCKER_HUB_REPO:latest"
docker build --cache-from "$DOCKER_HUB_REPO:latest" \
--tag "$DOCKER_HUB_REPO:latest" \
--build-arg "travis_pull_request=$TRAVIS_PULL_REQUEST" \
--build-arg "is_test_of_html_build_itself=$IS_TEST_OF_HTML_BUILD_ITSELF" \
.
if [[ "$TRAVIS_PULL_REQUEST" == "false" && "$IS_TEST_OF_HTML_BUILD_ITSELF" == "false" ]]; then
# Decrypt the deploy key from this script's location into the html/ directory, since that's the
# directory that will be shared with the container (but not built into the image).
ENCRYPTED_KEY_VAR="encrypted_${ENCRYPTION_LABEL}_key"
ENCRYPTED_IV_VAR="encrypted_${ENCRYPTION_LABEL}_iv"
ENCRYPTED_KEY=${!ENCRYPTED_KEY_VAR}
ENCRYPTED_IV=${!ENCRYPTED_IV_VAR}
openssl aes-256-cbc -K "$ENCRYPTED_KEY" -iv "$ENCRYPTED_IV" \
-in "$HERE/deploy-key.enc" -out html/deploy-key -d
fi

# Run the inside-container.sh script, with the html/ directory mounted inside the container.
echo ""
Expand Down

0 comments on commit 7c0aa27

Please sign in to comment.