wip

Signed-off-by: Damien Duportal <damien.duportal@gmail.com>

.env

@@ -0,0 +1,5 @@
+DIST_DIR=./dist
+PRESENTATION_URL=http://localhost:8000
+REPOSITORY_URL=file://./
+CURRENT_UID=0 # Root by default
+BUILD_DIR=/tmp/dist

.github/dependabot.yml

@@ -0,0 +1,7 @@
+---
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/workflows/build-workflow.yml

@@ -3,123 +3,57 @@ name: Slides Workflow
 on:
   create:
     tags:
-      - "*"
+      - '*'
   push:
     branches-ignore:
-      - gh_pages
+      - gh-pages
     tags:
-      - "*"
+      - '*'
   pull_request:
   workflow_dispatch:
 
 env:
-  ## Override default value for Docker cached image
-  IMAGE_CACHE_NAME_ORIGINAL: "ghcr.io/${{ github.repository }}:latest"
-  PRINCIPAL_BRANCH: "main"
-  REPOSITORY_URL: "https://github.com/${{ github.repository }}"
+  REPOSITORY_URL: https://github.com/${{ github.repository_owner }}/${{ github.repository }}
+  PRESENTATION_URL: https://${{ github.repository_owner }}.github.io/${{ github.repository }}/${{ github.ref_name }}
 
 jobs:
   build-slides:
-    name: "Build Slides"
+    name: 'Build Slides'
     runs-on: ubuntu-latest
-    permissions:
-      packages: write ## Required to allow "docker push" on GHCR
     steps:
-      - name: "Checkout"
-        uses: actions/checkout@v3
-      ## This step is a trick to ensure that the docker image name is normalized (lower cased, etc.) into the env. variable IMAGE_CACHE_NAME
-      - name: downcase IMAGE_CACHE_NAME
+      - name: 'Check environment'
         run: |
-          echo "IMAGE_CACHE_NAME=${IMAGE_CACHE_NAME_ORIGINAL,,}" >>${GITHUB_ENV}
-      ## This step generates the full presentation URL on github pages, based on the context (github owner, repo, branch)
-      ## Please note that the pull_request case is treated differently (using target branch instead of branch.tag ref)
-      - name: Generate PRESENTATION_URL
-        if: github.event_name != 'pull_request'
-        run: |
-          echo "PRESENTATION_URL=https://${{ github.repository_owner }}.github.io/$(basename ${{ github.repository }})/${{ github.ref_name }}" >> $GITHUB_ENV
-      - name: Generate PRESENTATION_URL for pull request
-        if: github.event_name == 'pull_request'
-        run: |
-          echo "PRESENTATION_URL=https://${{ github.repository_owner }}.github.io/$(basename ${{ github.repository }})/${{ github.base_ref }}" >> $GITHUB_ENV
-      - name: Prints generated PRESENTATION_URL (for audit purpose)
-        run: |
-          echo "PRESENTATION_URL=${PRESENTATION_URL}"
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v1
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: "Build"
+          docker compose version
+          echo $REPOSITORY_URL
+          echo $PRESENTATION_URL
+      - name: 'Checkout'
+        uses: actions/checkout@master
+      - name: 'Build'
         run: make build
-      - name: "Verify"
+      - name: PDF on main branch
+        run: make pdf # Reuses the 'make build' steps
+      - name: 'Verify'
         run: make verify
-      - name: "Upload dist/ as artefact"
-        uses: actions/upload-artifact@v2
+      - name: 'Upload dist/ as artefact'
+        uses: actions/upload-artifact@v3
         with:
           name: dist
           path: dist/
 
-  build-pdf:
-    name: "Build PDF"
-    runs-on: ubuntu-latest
-    # Only generate PDF when pushing code on a branch of the repository
-    if: github.event_name == 'push'
-    steps:
-      - name: "Checkout"
-        uses: actions/checkout@master
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v1
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: "Build"
-        run: make build
-      - name: PDF on main branch
-        if: github.ref == 'refs/heads/${{ env.PRINCIPAL_BRANCH }}'
-        run: make pdf
-      - name: "Upload dist/slides.pdf as artefact"
-        uses: actions/upload-artifact@v2
-        with:
-          name: pdf
-          path: dist/slides.pdf
-
   deploy:
     runs-on: ubuntu-latest
-    needs: [build-slides, build-pdf]
+    needs: [build-slides]
     # Only run deploy when pushing code on a branch of the repository
     if: github.event_name == 'push'
     steps:
-      - name: "Download dist/ Artefacts"
-        uses: actions/download-artifact@v2
-        with:
-          name: dist
-          path: ./dist
-      - name: "Download dist/slides.pdf artefact"
-        uses: actions/download-artifact@v2
-        with:
-          name: pdf
-          path: ./dist
-      - name: Get tag value
-        if: startsWith(github.ref, 'refs/tags/')
-        id: tags
-        run: echo ::set-output name=tag::${GITHUB_REF#refs/*/}
-      - name: "Deploy Tag"
-        if: startsWith(github.ref, 'refs/tags/')
-        uses: peaceiris/actions-gh-pages@v3
-        with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          publish_dir: ./dist
-          destination_dir: ${{ steps.tags.outputs.tag }}
-      - name: Get branch name
-        if: startsWith(github.ref, 'refs/heads/')
-        id: branches
-        run: echo ::set-output name=branch::${GITHUB_REF#refs/heads/}
-      - name: "Deploy Main Branch"
-        if: startsWith(github.ref, 'refs/heads/')
-        uses: peaceiris/actions-gh-pages@v3
-        with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          publish_dir: ./dist
-          destination_dir: ${{ steps.branches.outputs.branch }}
+    - name: 'Download dist/ Artefacts'
+      uses: actions/download-artifact@v3
+      with:
+        name: dist
+        path: ./dist
+    - name: 'Deploy to GitHub Pages'
+      uses: peaceiris/actions-gh-pages@v3
+      with:
+        github_token: ${{ secrets.GITHUB_TOKEN }}
+        publish_dir: ./dist
+        destination_dir: ${{ github.ref_name }}/

Dockerfile

@@ -1,26 +1,40 @@
-FROM node:16-alpine
+FROM node:18-alpine
 
-## Disable hadolint pinning version: always get latest package as Alpine is used
+# Install latest version of required dependencies
 # hadolint ignore=DL3018
 RUN apk add --no-cache \
   curl \
   git \
-  tini
+  tini \
+  unzip
+
+# Install NPM dependencies globally (latest versions)
+# hadolint ignore=DL3016,DL3059
+RUN npm install --global npm npm-check-updates
 
 # Install App's dependencies (dev and runtime)
 COPY ./npm-packages /app/npm-packages
 # By creating the symlink, the npm operation are kept at the root of /app
 # but the operation can still be executed to the package*.json files without ENOENT error
 RUN ln -s /app/npm-packages/package.json /app/package.json \
-  && ln -s /app/npm-packages/package-lock.json /app/package-lock.json \
-  && ln -s /app/npm-packages/.ncurc.yml /app/.ncurc.yml
+  && ln -s /app/npm-packages/package-lock.json /app/package-lock.json
 
 WORKDIR /app
-RUN npm install
+
+ARG FONTAWESOME_VERSION=6.4.0
+RUN curl --silent --show-error --location --output /tmp/fontawesome.zip \
+    "https://use.fontawesome.com/releases/v${FONTAWESOME_VERSION}/fontawesome-free-${FONTAWESOME_VERSION}-web.zip" \
+  && unzip -q /tmp/fontawesome.zip -d /tmp \
+  && mv /tmp/"fontawesome-free-${FONTAWESOME_VERSION}-web" /app/fontawesome \
+  && rm -rf /tmp/font*
+
+# Install NPM dependencies using the package-lock.json
+RUN { npm install-clean && npx update-browserslist-db@latest; } || npm install
+
 ## Link some NPM commands installed as dependencies to be available within the PATH
 # There muste be 1 and only 1 `npm link` for each command
-RUN npm link gulp \
-  && npm link npm-check-updates
+# hadolint ignore=DL3059
+RUN npm link gulp
 
 COPY ./gulp/tasks /app/tasks
 COPY ./gulp/gulpfile.js /app/gulpfile.js

Makefile

@@ -1,75 +1,47 @@
-CURRENT_UID = $(shell id -u):$(shell id -g)
 DIST_DIR ?= $(CURDIR)/dist
-
-REPOSITORY_URL ?= https://github.com/dduportal/slides
-PRESENTATION_URL ?= https://dduportal.github.io/slides/main
-
-export PRESENTATION_URL CURRENT_UID REPOSITORY_URL
+REPOSITORY_URL ?= file://$(CURDIR)
+export REPOSITORY_URL DIST_DIR
 
 ## Docker Buildkit is enabled for faster build and caching of images
 DOCKER_BUILDKIT ?= 1
 COMPOSE_DOCKER_CLI_BUILD ?= 1
 export DOCKER_BUILDKIT COMPOSE_DOCKER_CLI_BUILD
 
-all: clean build verify pdf
+## Define the reusable shell commands once for all
+compose_cmd = docker compose --file=$(CURDIR)/docker-compose.yml $(1)
+compose_up = $(call compose_cmd, up --build $(1))
+compose_run = $(call compose_cmd, run --user=0 $(1))
 
-# Generate documents inside a container, all *.adoc in parallel
-build: clean $(DIST_DIR) ## Generate documents
-	@docker-compose up \
-		--build \
-		--force-recreate \
-		--exit-code-from build \
-	build
+all: clean build verify
 
-$(DIST_DIR):
-	mkdir -p $(DIST_DIR)
+# Generate documents inside a container, all *.adoc in parallel
+build:
+	@$(call compose_up,--exit-code-from=build build)
 
-verify: ## Verifies the generated HTML
-	echo "Verification disabled"
-# @docker run --rm \
-# 	-v $(DIST_DIR):/dist \
-# 	--user $(CURRENT_UID) \
-# 	18fgsa/html-proofer \
-# 		--check-html \
-# 		--http-status-ignore "999" \
-# 		--url-ignore "/localhost:/,/127.0.0.1:/,/$(PRESENTATION_URL)/,/github.com\/$(REPOSITORY_OWNER)\/slides\/tree/" \
-# 		/dist/index.html
+verify:
+	@echo "Verify disabled"
 
-serve: clean $(DIST_DIR) prepare qrcode ## Starts a local web server to serve the slides (localhost:8000)
-	@docker-compose up --build --force-recreate serve
+serve:
+	@$(call compose_up, --force-recreate serve qrcode)
 
-shell: $(DIST_DIR) prepare ## Starts the server and opens a shell into it
-	@CURRENT_UID=0 docker-compose run --entrypoint=sh --rm serve
+shell:
+	@$(call compose_run,--entrypoint=sh --rm serve)
 
-dependencies-lock-update: $(DIST_DIR) prepare ## Updates the npm dependencies
-	@CURRENT_UID=0 docker-compose run --entrypoint=npm --rm serve install --package-lock
+dependencies-lock-update:
+	@$(call compose_run,--entrypoint=npm --rm serve install --package-lock)
 
-dependencies-update: $(DIST_DIR) prepare ## Updates the dependencies
-	@CURRENT_UID=0 docker-compose run --entrypoint=ncu --workdir=/app/npm-packages --rm serve -u
+dependencies-update:
+	@$(call compose_run,--entrypoint=ncu --workdir=/app/npm-packages --rm serve -u)
 	@make -C $(CURDIR) dependencies-lock-update
 
-$(DIST_DIR)/index.html: build
-
-pdf: $(DIST_DIR)/index.html ## Generate a PDF version of the slides
-	@docker run --rm -t \
-		-v $(DIST_DIR):/slides \
-		--user $(CURRENT_UID) \
-		--read-only=true \
-		--tmpfs=/tmp \
-		astefanutti/decktape:3.4.1 \
-		/slides/index.html \
-		/slides/slides.pdf \
-		--size='2048x1536' \
-		--pause 0
+pdf:
+	@$(call compose_up, --exit-code-from=pdf pdf)
 
-clean: ## Clean the docker environment and the output directory
-	@docker-compose down -v --remove-orphans
+clean:
+	@$(call compose_cmd, down -v --remove-orphans)
 	@rm -rf $(DIST_DIR)
 
-qrcode: ## Generate the QRcode
-	@docker-compose run --entrypoint=/app/node_modules/.bin/qrcode --rm serve -t png -o /app/content/media/qrcode.png $(PRESENTATION_URL)
-
-help: ## Display this help screen
-	@grep -h -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
+qrcode:
+	@$(call compose_up, qrcode)
 
-.PHONY: all build verify serve qrcode pdf prepare dependencies-update dependencies-lock-update
+.PHONY: all build verify serve qrcode pdf dependencies-update dependencies-lock-update