action.yaml

name: Publish Site
description: Build and deploy a static-content site (static, hugo, mkdocs) to Garage S3 with Traefik + cert-manager. Containerized apps should use action/image-build + action/image-push + action/image-deploy.
inputs:
  token:
    description: Gitea token (ci-bot) for apps repo push and API operations
    required: true
  s3-access-key:
    description: Garage ci-deploy-key access key id
    required: true
  s3-secret-key:
    description: Garage ci-deploy-key secret access key
    required: true
  s3-endpoint:
    # Targets garage-s3 (data-only Service) so requests do not round-robin onto
    # the gateway pod, whose emptyDir-backed metadata view intermittently
    # returns "No such key" through the S3 API.
    description: Garage S3 endpoint URL
    required: false
    default: http://garage-s3.storage.svc:3900
  garage-admin-token:
    description: Garage admin API token (required only when site.yaml has aliases — used to reconcile bucket globalAliases)
    required: false
  garage-admin-endpoint:
    description: Garage admin API endpoint URL
    required: false
    default: http://garage.storage.svc:3903
  username:
    description: Gitea username for git operations
    required: false
    default: ci-bot
runs:
  using: composite
  steps:
    - name: Setup
      shell: bash
      run: python3 ${{ github.action_path }}/scripts/setup.py

    - name: Build
      shell: bash
      run: python3 ${{ github.action_path }}/scripts/publish.py build
      env:
        SITE_REPO: ${{ github.repository }}
        SITE_DIR: ${{ github.workspace }}
        ACTION_DIR: ${{ github.action_path }}
        GITHUB_RUN_NUMBER: ${{ github.run_number }}
        CI_BOT_USER: ${{ inputs.username }}

    - name: Deploy
      shell: bash
      run: python3 ${{ github.action_path }}/scripts/publish.py deploy
      env:
        SITE_REPO: ${{ github.repository }}
        SITE_DIR: ${{ github.workspace }}
        ACTION_DIR: ${{ github.action_path }}
        CI_BOT_TOKEN: ${{ inputs.token }}
        CI_BOT_USER: ${{ inputs.username }}
        AWS_ACCESS_KEY_ID: ${{ inputs.s3-access-key }}
        AWS_SECRET_ACCESS_KEY: ${{ inputs.s3-secret-key }}
        AWS_DEFAULT_REGION: sjc001
        GARAGE_S3_ENDPOINT: ${{ inputs.s3-endpoint }}
        GARAGE_ADMIN_ENDPOINT: ${{ inputs.garage-admin-endpoint }}
        GARAGE_ADMIN_TOKEN: ${{ inputs.garage-admin-token }}
        GITHUB_RUN_NUMBER: ${{ github.run_number }}
initial: action/site-publish @v1 2026-05-06 08:07:28 -05:00			`name: Publish Site`
strip docker type — site-publish is static-content only 2026-05-06 10:01:09 -05:00			`description: Build and deploy a static-content site (static, hugo, mkdocs) to Garage S3 with Traefik + cert-manager. Containerized apps should use action/image-build + action/image-push + action/image-deploy.`
initial: action/site-publish @v1 2026-05-06 08:07:28 -05:00			`inputs:`
			`token:`
			`description: Gitea token (ci-bot) for apps repo push and API operations`
			`required: true`
			`s3-access-key:`
strip docker type — site-publish is static-content only 2026-05-06 10:01:09 -05:00			`description: Garage ci-deploy-key access key id`
			`required: true`
initial: action/site-publish @v1 2026-05-06 08:07:28 -05:00			`s3-secret-key:`
strip docker type — site-publish is static-content only 2026-05-06 10:01:09 -05:00			`description: Garage ci-deploy-key secret access key`
			`required: true`
initial: action/site-publish @v1 2026-05-06 08:07:28 -05:00			`s3-endpoint:`
site-publish: default S3 endpoint to garage-s3 (data-only Service) 2026-05-28 10:04:24 -05:00			`# Targets garage-s3 (data-only Service) so requests do not round-robin onto`
			`# the gateway pod, whose emptyDir-backed metadata view intermittently`
			`# returns "No such key" through the S3 API.`
initial: action/site-publish @v1 2026-05-06 08:07:28 -05:00			`description: Garage S3 endpoint URL`
			`required: false`
site-publish: default S3 endpoint to garage-s3 (data-only Service) 2026-05-28 10:04:24 -05:00			`default: http://garage-s3.storage.svc:3900`
initial: action/site-publish @v1 2026-05-06 08:07:28 -05:00			`garage-admin-token:`
strip docker type — site-publish is static-content only 2026-05-06 10:01:09 -05:00			`description: Garage admin API token (required only when site.yaml has aliases — used to reconcile bucket globalAliases)`
initial: action/site-publish @v1 2026-05-06 08:07:28 -05:00			`required: false`
			`garage-admin-endpoint:`
			`description: Garage admin API endpoint URL`
			`required: false`
			`default: http://garage.storage.svc:3903`
			`username:`
			`description: Gitea username for git operations`
			`required: false`
			`default: ci-bot`
			`runs:`
			`using: composite`
			`steps:`
			`- name: Setup`
			`shell: bash`
			`run: python3 ${{ github.action_path }}/scripts/setup.py`

			`- name: Build`
			`shell: bash`
			`run: python3 ${{ github.action_path }}/scripts/publish.py build`
			`env:`
			`SITE_REPO: ${{ github.repository }}`
			`SITE_DIR: ${{ github.workspace }}`
			`ACTION_DIR: ${{ github.action_path }}`
			`GITHUB_RUN_NUMBER: ${{ github.run_number }}`
			`CI_BOT_USER: ${{ inputs.username }}`

			`- name: Deploy`
			`shell: bash`
			`run: python3 ${{ github.action_path }}/scripts/publish.py deploy`
			`env:`
			`SITE_REPO: ${{ github.repository }}`
			`SITE_DIR: ${{ github.workspace }}`
			`ACTION_DIR: ${{ github.action_path }}`
			`CI_BOT_TOKEN: ${{ inputs.token }}`
			`CI_BOT_USER: ${{ inputs.username }}`
			`AWS_ACCESS_KEY_ID: ${{ inputs.s3-access-key }}`
			`AWS_SECRET_ACCESS_KEY: ${{ inputs.s3-secret-key }}`
			`AWS_DEFAULT_REGION: sjc001`
			`GARAGE_S3_ENDPOINT: ${{ inputs.s3-endpoint }}`
			`GARAGE_ADMIN_ENDPOINT: ${{ inputs.garage-admin-endpoint }}`
			`GARAGE_ADMIN_TOKEN: ${{ inputs.garage-admin-token }}`
			`GITHUB_RUN_NUMBER: ${{ github.run_number }}`