File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ version : 2
2+ updates :
3+ - package-ecosystem : " github-actions"
4+ directory : " /"
5+ schedule :
6+ interval : " daily"
7+ open-pull-requests-limit : 10
8+ groups :
9+ actions :
10+ update-types :
11+ - " minor"
12+ - " patch"
Original file line number Diff line number Diff line change @@ -4,16 +4,12 @@ name: Deploy static content to Pages
44on :
55 # Runs on pushes targeting the default branch
66 push :
7- branches : ["main"]
8-
7+ branches :
8+ - " main "
99 # Allows you to run this workflow manually from the Actions tab
1010 workflow_dispatch :
1111
12- # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
13- permissions :
14- contents : read
15- pages : write
16- id-token : write
12+ permissions : {}
1713
1814# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
1915# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
2824 name : github-pages
2925 url : ${{ steps.deployment.outputs.page_url }}
3026 runs-on : ubuntu-latest
27+
28+ # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
29+ permissions :
30+ contents : read
31+ pages : write
32+ id-token : write
33+
3134 steps :
3235 - name : Harden the runner (Audit all outbound calls)
3336 uses : step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
@@ -36,13 +39,16 @@ jobs:
3639
3740 - name : Checkout
3841 uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
42+
3943 - name : Setup Pages
4044 uses : actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0
45+
4146 - name : Upload artifact
4247 uses : actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1
4348 with :
4449 # Upload entire repository
4550 path : ' .'
51+
4652 - name : Deploy to GitHub Pages
4753 id : deployment
4854 uses : actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5
Original file line number Diff line number Diff line change 1+ name : Sync to PROD GCS
2+
3+ on :
4+ push :
5+ branches :
6+ - main
7+ paths :
8+ - ' production/**'
9+ - ' fonts/**'
10+ workflow_dispatch :
11+
12+ permissions : {}
13+
14+ jobs :
15+ sync-to-gcs :
16+ runs-on : ubuntu-latest
17+
18+ permissions :
19+ contents : read
20+ id-token : write
21+
22+ steps :
23+ - name : ' Github Actions Runner'
24+ uses : step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
25+ with :
26+ egress-policy : audit
27+
28+ - name : Checkout code
29+ uses : actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
30+
31+ - name : Authenticate to Google Cloud
32+ id : auth
33+ uses : step-security/google-github-auth@f0e5c257a9534a30b5df12f43329c1eb7b85a5be # v3.0.0
34+ with :
35+ service_account : " github-chainguard-academy@chainguard-academy.iam.gserviceaccount.com"
36+ workload_identity_provider : " projects/456977358484/locations/global/workloadIdentityPools/chainguard-academy/providers/chainguard-edu"
37+
38+ - name : Setup G Cloud SDK
39+ uses : ' google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db' # v2.0.11
40+
41+ - name : Sync production directory to GCS
42+ run : |
43+ gsutil -m rsync -r -d production/ gs://chainguard-courses-theme/production/
44+
45+ - name : Sync fonts directory to GCS
46+ run : |
47+ gsutil -m rsync -r -d fonts/ gs://chainguard-courses-theme/fonts/
You can’t perform that action at this time.
0 commit comments