A .gpb-docker.json => .gpb-docker.json +7 -0
@@ 0,0 1,7 @@
+[{
+ "file": "build/Dockerfile",
+ "args": {
+ "COMMIT": "{{.Commit}}"
+ },
+ "secrets": ["hugo-site/srht-token"]
+}]
M build/Dockerfile => build/Dockerfile +7 -5
@@ 1,9 1,11 @@
-FROM jasonccox/git-personal-builder:latest-arm64
-LABEL maintainer="me@jasoncarloscox.com"
-EXPOSE 80
+FROM alpine:latest
RUN apk add --no-cache curl
RUN apk add --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community --no-cache hugo
-COPY build /usr/bin/
-CMD ["build"]
+WORKDIR /site
+COPY . .
+
+ARG COMMIT
+RUN --mount=type=secret,id=hugo-site/srht-token,target=/srht-token \
+ ./build/build "$COMMIT" /srht-token
M build/build => build/build +3 -4
@@ 1,12 1,11 @@
#!/bin/sh
set -e
-cd "$(dirname "$0")"
+cd "$(dirname "$0")/.."
commit="${1:-$(git rev-parse HEAD)}"
-dir="${2:-../}"
+token_file="${2:?missing token file}"
-cd "$dir"
hugo
echo "$commit $(date -Iseconds)" >public/version.txt
@@ 15,7 14,7 @@ tar --directory public -cz . >"$archive"
curl \
--fail-with-body \
--no-progress-meter \
- --oauth2-bearer "$SRHT_TOKEN" \
+ --oauth2-bearer "$(cat "$token_file")" \
--form content="@$archive" \
https://pages.sr.ht/publish/jasoncarloscox.com