···

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

···

       
1
       
+
       
#/-------------------[DOTENV_PUBLIC_KEY]--------------------/

     

       
2
       
+
       
#/            public-key encryption for .env files          /

     

       
3
       
+
       
#/       [how it works](https://dotenvx.com/encryption)     /

     

       
4
       
+
       
#/----------------------------------------------------------/

     

       
5
       
+
       
DOTENV_PUBLIC_KEY_CI="0229743ae8682e55160d2176b2d17e5fc9e7ce7779fda3597fb8f4701c61615381"

     

       
6
       
+
       
DOTENVX=1

     

       
7
       
+
       


     

       
8
       
+
       
# .env.ci

     

       
9
       
+
       
SOURCEHUT_PAGES_TOKEN="encrypted:BNHzZMqMJw9wodfYI5x4kWO1OwYjUWHOwoqTYX10K5Z1jaaE4HuiG5g9KhoSo0vl/fN120WW+uVcP+uwHRJdPADLecM8SjmxOwF1LDDqiDYXnpUS3KqOdVcOtvV3xHYITVd0q9ds2SFue/1HOnzToCD7fC3PoAV+FmYGKF+NFK+c01ws7yI7TGJ7tGOIDTq9jdUbtZ/Mo2o5xx/85zbjmGHGRlIOHlM5pmg1CBhOfRvZdla9Ay/gkJ6Yrm5h0+ULZZUTt4lyKWYYwvVWTeaOngOOmAOps18BvvwSsHoN4QK5IrvVZEbhLqOAZdMcLYlKWViFA559IKx1vky3ddSS6S+lOIn9kGFAwNSu41jH+SFMFtK0QH64"

     

       
10
       
+
       
CLOUDFLARE_ACCOUNT_ID="encrypted:BB7kta9zZf3Y02HZtxI2/o6vTCvTWYJhOBI4ajDgimbqS1dsdc+Zf6Qcch+gg8LM8UTDDu/8p2K511oyEOa3Xqo/IoX+7NvKu9qZlb2Y38Y44SuP7hSGVcRpfZ5PuzCtFBHAez1OtpWAcdGOmBU8l6bZro3AsBXvpLfLPD/ocspf"

     

       
11
       
+
       
CLOUDFLARE_API_TOKEN="encrypted:BHr81tc2ka99Yd2+rkxhGjqBlYthCUpVWIrJVLNdqKzC8skKWeY+okX7LlEnrYuN8hdAC5HP2tj4e5KHnaPq2ShTfKN5VSAxhZDNQKEmsOiVrh11nuGw4Bc94/0mwJHMvyqVFsWmfir2mQkY6llw4bu/NNPk12BRfXKSRIwyc28qGMxwnoYPbvI="
     

···

       
15
       
 
       
    - pipenv install --ignore-pipfile --deploy

     

       
16
       
 
       
    - npm ci

     

       
17
       
 
       
    - curl --silent "https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/download-secure-files/-/raw/main/installer" | bash

     

       
0
       
 
       

     

       
18
       
 
       


     

       
19
       
 
       
# Global builds and stuff

     

       
20
       
 
       
variables:

     
···

       
23
       
 
       
  FF_GENERATE_SOCIAL_CARDS: "true"

     

       
24
       
 
       
  SECURE_FILES_DOWNLOAD_PATH: .secretskit

     

       
25
       
 
       
  GIT_DEPTH: "0"

     

       
0
       
 
       

     

       
26
       
 
       


     

       
27
       
 
       
pages:

     

       
28
       
 
       
  stage: build

     

       
29
       
 
       
  script:

     

       
30
       
-
       
    - doppler run -- ./bin/deploykit-pages.sh

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
31
       
 
       
  artifacts:

     

       
32
       
 
       
    paths:

     

       
33
       
 
       
      # The folder that contains the files to be exposed at the Page URL

     

···

       
15
       
 
       
    - pipenv install --ignore-pipfile --deploy

     

       
16
       
 
       
    - npm ci

     

       
17
       
 
       
    - curl --silent "https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/download-secure-files/-/raw/main/installer" | bash

     

       
18
       
+
       
    - ssh-agent > /tmp/.ssh-agent.env

     

       
19
       
 
       


     

       
20
       
 
       
# Global builds and stuff

     

       
21
       
 
       
variables:

     
···

       
24
       
 
       
  FF_GENERATE_SOCIAL_CARDS: "true"

     

       
25
       
 
       
  SECURE_FILES_DOWNLOAD_PATH: .secretskit

     

       
26
       
 
       
  GIT_DEPTH: "0"

     

       
27
       
+
       
  DOTENV_PRIVATE_KEY: $DOTENV_PRIVATE_KEY_CI

     

       
28
       
 
       


     

       
29
       
 
       
pages:

     

       
30
       
 
       
  stage: build

     

       
31
       
 
       
  script:

     

       
32
       
+
       
    - |

     

       
33
       
+
       
      source /tmp/.ssh-agent.env

     

       
34
       
+
       
      ./bin/build.sh

     

       
35
       
+
       
      ./bin/deploy.sh

     

       
36
       
 
       
  artifacts:

     

       
37
       
 
       
    paths:

     

       
38
       
 
       
      # The folder that contains the files to be exposed at the Page URL

     

···

       
1
       
 
       
#!/usr/bin/env bash

     

       
2
       
-
       
set -xe

     

       
3
       
 
       


     

       
4
       
-
       
TARGET_DIR=${TARGET_DIR:-"$PWD/public"}

     

       
5
       
-
       
FF_OFFLINE_MKDOCS_PLUGIN=${FF_OFFLINE_MKDOCS_PLUGIN:-"false"}

     

       
6
       
-
       
FF_ENABLE_COMMIT_DATA=${FF_ENABLE_COMMIT_DATA:-"true"}

     

       
7
       
-
       
FF_GENERATE_SOCIAL_CARDS=${FF_GENERATE_SOCIAL_CARDS:-"true"}

     

       
8
       
-
       
TARGET_BUILD_CONFIG=${1:-"mkdocs.yml"}

     

       
9
       
-
       


     

       
10
       
-
       
if [[ ! -d "$TARGET_DIR" ]]; then

     

       
11
       
-
       
  mkdir "$TARGET_DIR" -pv

     

       
12
       
-
       
fi

     

       
13
       
-
       


     

       
14
       
-
       
if [[ $SKIP_VENV_SETUP == "" ]] || [[ $CI == "" ]]; then

     

       
15
       
-
       
  pipenv install --ignore-pipfile --deploy --verbose

     

       
16
       
-
       
  pipenv run mkdocs build -d "$TARGET_DIR" -f ${TARGET_BUILD_CONFIG}

     

       
17
       
-
       
else

     

       
18
       
-
       
  pip3 install -r requirements.txt --upgrade --user

     

       
19
       
-
       
  mkdocs build -d "$TARGET_DIR" -f ${TARGET_BUILD_CONFIG}

     

       
20
       
-
       
fi

     

       
21
       
-
       


     

       
22
       
-
       
mkdir "$TARGET_DIR/api"

     

       
23
       
-
       
git rev-parse HEAD > "$TARGET_DIR/api/commit"

     

       
24
       
 
       
cp "$TARGET_DIR/assets/images/favicon.png" "$TARGET_DIR/favicon.ico"

     

       
25
       
-
       
cp markdown/.well-known "$TARGET_DIR/.well-known" -rv

     

       
26
       
-
       
cp markdown/humans.txt "$TARGET_DIR/humans.txt" -v

     

       
27
       
-
       


     

       
28
       
-
       
set +xe

     

···

       
1
       
 
       
#!/usr/bin/env bash

     

       
2
       
+
       
set -e

     

       
3
       
 
       


     

       
4
       
+
       
TARGET_DIR="${PWD}/public"

     

       
5
       
+
       
pipenv run build

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
6
       
 
       
cp "$TARGET_DIR/assets/images/favicon.png" "$TARGET_DIR/favicon.ico"

     

       
7
       
+
       
cp markdown/.well-known markdown/humans.txt "$TARGET_DIR/" -rv

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

···

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

···

       
1
       
+
       
#!/usr/bin/env bash

     

       
2
       
+
       
set -ea

     

       
3
       
+
       
if [[ $DEBUG != "" ]]; then

     

       
4
       
+
       
  set -x

     

       
5
       
+
       
fi

     

       
6
       
+
       


     

       
7
       
+
       
_root_directory_git=$(git rev-parse --show-toplevel)

     

       
8
       
+
       


     

       
9
       
+
       
warn() {

     

       
10
       
+
       
    echo "warning: $*"

     

       
11
       
+
       
}

     

       
12
       
+
       


     

       
13
       
+
       
error() {

     

       
14
       
+
       
    echo "error: $*"

     

       
15
       
+
       
}

     

       
16
       
+
       


     

       
17
       
+
       
info() {

     

       
18
       
+
       
  echo "info: $*"

     

       
19
       
+
       
}

     

       
20
       
+
       


     

       
21
       
+
       
if [[ $CI == "true" ]] && [[ $CI_PIPELINE_SOURCE == "push" || $CI_PIPELINE_SOURCE == "web" ]]

     

       
22
       
+
       
  && [[ $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH ]]; then

     

       
23
       
+
       
  npx wrangler pages publish ${_root_directory_git}/public --project-name ${CF_PAGES_PROJECT_NAME} --branch main

     

       
24
       
+
       
fi