Last active
June 7, 2024 18:07
-
-
Save cynthiahqy/c53e6947b6da7364f9090f3d77b006df to your computer and use it in GitHub Desktop.
GitHub action for rendering, encrypting and deploying a Quarto site (without computations)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # based on: | |
| # - https://github.com/quarto-dev/quarto-actions/blob/main/examples/quarto-book-gh-pages.yaml | |
| # - https://github.com/actions/starter-workflows/blob/main/pages/static.yml | |
| on: | |
| push: | |
| branches: main | |
| pull_request: | |
| branches: main | |
| # to be able to trigger a manual build | |
| workflow_dispatch: | |
| name: Build and deploy Quarto site | |
| # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages | |
| permissions: | |
| contents: read | |
| pages: write | |
| id-token: write | |
| # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. | |
| # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. | |
| concurrency: | |
| group: "pages" | |
| cancel-in-progress: false | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| env: | |
| PROTECTED_DIR: _site | |
| # PASSWORD: password | |
| PASSWORD: ${{ secrets.SECRET_PASSWORD }} ## set repo secret | |
| steps: | |
| - name: Check PASSWORD variable | |
| run: | | |
| if [[ -z "${{ env.PASSWORD }}" ]]; then | |
| echo "PASSWORD variable is not set" | |
| exit 1 | |
| fi | |
| - uses: actions/checkout@v4 | |
| - name: Install Quarto | |
| uses: quarto-dev/quarto-actions/setup@v2 | |
| - name: Render Quarto Project | |
| uses: quarto-dev/quarto-actions/render@v2 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| - name: Install Staticrypt | |
| run: npm install -g staticrypt | |
| - name: Encrypt Pages | |
| run: staticrypt $PROTECTED_DIR/* -r -d "$PROTECTED_DIR" -p "$PASSWORD" --short | |
| - name: Fix permissions | |
| run: | | |
| chmod -v -R +rX "$PROTECTED_DIR" | while read line; do | |
| echo "::warning title=Invalid file permissions automatically fixed::$line" | |
| done | |
| - name: Upload artifact | |
| uses: actions/upload-pages-artifact@v3 | |
| with: | |
| path: ${{env.PROTECTED_DIR}} | |
| deploy: | |
| if: github.event_name != 'pull_request' | |
| needs: build | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: github-pages | |
| url: ${{ steps.deployment.outputs.page_url }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Setup pages | |
| uses: actions/configure-pages@v3 | |
| - name: Deploy to GitHub pages | |
| id: deployment | |
| uses: actions/deploy-pages@v4 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment