--- image: $CI_REGISTRY/schleuder/schleuder-ci-images:debian-generic stages: - build - deploy - qa variables: DEPLOY_BASE: dev/review DEPLOY_SLUG: dev/review/$CI_PROJECT_NAME/$CI_COMMIT_REF_SLUG build: script: # Set jekylls 'baseurl' option in case we're not dealing with the main branch. - 'if ! [ "$CI_COMMIT_REF_SLUG" == "main" ]; then echo "baseurl: /$DEPLOY_SLUG" >> _config.yml; fi' - jekyll build --verbose - tar cfz site.tar.gz _site stage: build artifacts: paths: - site.tar.gz expire_in: 1 day deploy: script: # Disable bash history to prevent secret variables to be recorded and saved - unset HISTFILE # Start SSH agent - eval $(ssh-agent -s) # Add the SSH key stored in the SSH_DEPLOY_KEY variable to the agent store # We're using 'tr' to fix line endings which makes ed25519 keys work without # extra base64 encoding - echo "$DEPLOY_KEY" | tr -d '\r' | ssh-add - > /dev/null - mkdir -p ~/.ssh - chmod 700 ~/.ssh - printf " |1|ZfxGVbfwfCHlaURlet/V6y+2gjg=|/X7OweXQUnXZnGSKkvF/IpVz4n4= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPJx38PfGvaHtkSsHptiHoIQxlI3Yf0cskPNTwAQnY14\n |1|8YPsezXF2SYQ7rq9U5TbDnMsVjo=|SJOodZB+8j+dO+l6YTdZ7+44XLw= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPJx38PfGvaHtkSsHptiHoIQxlI3Yf0cskPNTwAQnY14\n ftp.schleuder.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMipvUM0/aLT4LXkqehXRURN5JHvhz1+9pfuIj7y7LRG " > ~/.ssh/known_hosts - tar fxv site.tar.gz # In case we're not dealing with the main branch, create the review dir on the webserver. # We need to catch possible errors, as lftp seems buggy: It fails if the dir already exists, # even if called with the -f option, which should ignore errors (like this one). # lftp needs a "dummy" password, even if key-based authentication is used. - if ! [ "$CI_COMMIT_REF_SLUG" == "main" ]; then DEPLOY_SLUG="www/$DEPLOY_SLUG"; export DEPLOY_SLUG; lftp -e "mkdir -fp $DEPLOY_SLUG; quit" -u $DEPLOY_USER,dummy sftp://$DEPLOY_HOST || /bin/true; else DEPLOY_SLUG="www"; export DEPLOY_SLUG; fi - lftp -e "mirror -eRv -x ^dev/ -x ^download/ _site $DEPLOY_SLUG; quit;" -u $DEPLOY_USER,dummy sftp://$DEPLOY_HOST # TODO: Implement clean up: Remove the review dir once the merge to master happened. stage: deploy # It's currently not possible to use env vars which are / were set in the script: part above. environment: name: $DEPLOY_BASE/$CI_PROJECT_NAME/$CI_COMMIT_REF_SLUG url: https://schleuder.org/$DEPLOY_BASE/$CI_PROJECT_NAME/$CI_COMMIT_REF_SLUG only: # This job relies on secret env vars, which are only available in our repo. - branches@schleuder/schleuder-website variables: GIT_STRATEGY: none codespell: script: # Run codespell to check for spelling errors, using a config with ignored words, # ignoring warnings about binary files and to check file names as well. # Also, exclude the vendor dir, which leads to false positives. - codespell -q 2 -f -I utils/ci/codespell/ignored_words.txt -S vendor # This job should help with merge requests. Therefore, don't run it # against the main branch. only: - branches except: - main stage: qa linkcheck: script: # Run linkchecker against the pushed (and deployed) branch. Exclude mailto: links, as the ones # which we commonly use miss a MX record. - linkchecker --check-extern --ignore-url=mailto --ignore-url=woff https://schleuder.org/$DEPLOY_SLUG only: # This job relies on secret env vars, which are only available in our repo. - branches@schleuder/schleuder-website except: # This job should help with merge requests, so there is no point in running it against the main # branch. - main@schleuder/schleuder-website stage: qa variables: GIT_STRATEGY: none