name: Netlify CMS Publish
on:
repository_dispatch:
jobs:
check-permission:
runs-on: ubuntu-latest
env:
SENDER: ${{ github.event.sender.login }}
ALLOWED_LOGINS_TO_PUBLISH: ${{ secrets.ALLOWED_LOGINS_TO_PUBLISH }}
steps:
- name: 'Check Permission To Publish'
run: |
if [[ "$SENDER" =~ ^$ALLOWED_LOGINS_TO_PUBLISH$ ]]; then
echo "$SENDER is allowed to publish"
exit 0
else
echo "$SENDER is not allowed to publish"
exit 1
fi
publish:
needs: check-permission
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [12.x]
steps:
- uses: actions/checkout@v2
with:
token: ${{ secrets.GIT_TOKEN }}
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
- uses: actions/cache@v2
with:
path: ~/.cache/yarn
key: ${{ runner.os }}-yarn-${{ hashFiles(format('{0}{1}', github.workspace, '/yarn.lock')) }}
restore-keys: |
${{ runner.os }}-yarn-
- name: update yarn to latest version
run: |
sudo apt update && sudo apt install yarn
- name: Install Dependencies
run: yarn install --frozen-lockfile
- name: Switch to master branch
run: git checkout master
- name: Setup Git User
run: |
git config --local user.email "action@github.com"
git config --local user.name "GitHub Action"
- name: Publish Netlify CMS
uses: erezrokah/2fa-with-slack-action@v1
env:
NPM_TOKEN: ${{secrets.NPM_TOKEN}}
SLACK_TOKEN: ${{secrets.SLACK_TOKEN}}
CHANNEL_ID: ${{secrets.CHANNEL_ID}}
PUBLISH_COMMAND: "yarn\npublish:ci"
CODE_PATTERN: 'Enter OTP'
# 40 minutes for the entire command, 20 minutes for waiting for 2FA
TIMEOUT: '2400000'
REVERT_COMMAND: './scripts/revert_publish.sh'