forked from thecodeorigin/nuxt-template
-
Notifications
You must be signed in to change notification settings - Fork 0
81 lines (68 loc) · 2.76 KB
/
Copy pathdocs.yml
File metadata and controls
81 lines (68 loc) · 2.76 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
name: Deploy Docs (Cloudflare Pages)
# Builds the VitePress docs (docs/) and deploys them to Cloudflare Pages at
# https://docs.thecodeorigin.com.
#
# Like the Worker deploy, the ONLY GitHub secret is DOPPLER_TOKEN (read-only,
# project=auth config=prd). Cloudflare creds are pulled from Doppler at run time
# (CLOUDFLARE_TOKEN, CLOUDFLARE_ACCOUNT_ID).
#
# The Doppler CLOUDFLARE_TOKEN must carry:
# - Account · Cloudflare Pages: Edit (deploy the build)
#
# One-time manual setup, configured outside this workflow:
# - Custom domain docs.thecodeorigin.com → Pages project + proxied DNS CNAME.
# - Cloudflare Zero Trust Access gate (allow only *@thecodeorigin.com, deny the
# default *.pages.dev hostname).
on:
push:
branches: [main]
paths:
- 'docs/**'
- pnpm-lock.yaml
- .github/workflows/docs.yml
workflow_dispatch:
# Never run two docs deploys at once; a newer push supersedes an in-flight one.
concurrency:
group: deploy-docs
cancel-in-progress: true
jobs:
deploy:
runs-on: ubuntu-latest
timeout-minutes: 15
env:
DOPPLER_TOKEN: ${{ secrets.DOPPLER_TOKEN }}
DOPPLER_PROJECT: auth
DOPPLER_CONFIG: prd
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: 10.7.0
- uses: actions/setup-node@v4
with:
node-version: 22
cache: pnpm
- run: pnpm install --frozen-lockfile
- name: Install Doppler CLI
uses: dopplerhq/cli-action@v3
- name: Resolve Cloudflare credentials from Doppler
run: |
CF_TOKEN="$(doppler secrets get CLOUDFLARE_TOKEN --plain)"
CF_ACCOUNT="$(doppler secrets get CLOUDFLARE_ACCOUNT_ID --plain)"
echo "::add-mask::$CF_TOKEN"
echo "::add-mask::$CF_ACCOUNT"
# wrangler reads CLOUDFLARE_API_TOKEN, not CLOUDFLARE_TOKEN.
echo "CLOUDFLARE_API_TOKEN=$CF_TOKEN" >> "$GITHUB_ENV"
echo "CLOUDFLARE_ACCOUNT_ID=$CF_ACCOUNT" >> "$GITHUB_ENV"
- name: Build docs (VitePress)
run: pnpm docs:build
- name: Remove NuxtHub wrangler redirect
# `nuxt prepare` (postinstall) writes .wrangler/deploy/config.json pointing
# at the Worker build output. wrangler follows that redirect for ALL commands,
# including `pages deploy`, and fails. The Pages deploy must not use it.
run: rm -f .wrangler/deploy/config.json
- name: Ensure Pages project exists
# No-op (non-zero, swallowed) if the project already exists.
run: pnpm exec wrangler pages project create thecodeorigin-docs --production-branch=main || true
- name: Deploy to Cloudflare Pages
run: pnpm exec wrangler pages deploy docs/.vitepress/dist --project-name=thecodeorigin-docs --branch=main