From 341d7db101386767e0d2bfc247003b6730d56be5 Mon Sep 17 00:00:00 2001
From: Aaron Castro <darc_aaron@darcaaron.localdomain>
Date: Thu, 11 Apr 2024 16:53:28 -0600
Subject: [PATCH 01/10] adding permissions to `GITHUB_TOKEN`

---
 .github/workflows/build.yaml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index f22d9575..8caa6afd 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -8,7 +8,10 @@ on:
   pull_request:
     branches:
       - main
-
+permissions:
+  contents: write
+  id-token: write
+  pages: write
 env:
   # HOME required by Setup Git and Setup Go Steps
   HOME: ${{ github.workspace }}

From caf2facb07bdfa39fb846920a4bad5248aec58ec Mon Sep 17 00:00:00 2001
From: Aaron Castro <darc_aaron@darcaaron.localdomain>
Date: Thu, 11 Apr 2024 17:01:18 -0600
Subject: [PATCH 02/10] removing non required permissions

---
 .github/workflows/build.yaml | 2 --
 1 file changed, 2 deletions(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 8caa6afd..e24477e5 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -10,8 +10,6 @@ on:
       - main
 permissions:
   contents: write
-  id-token: write
-  pages: write
 env:
   # HOME required by Setup Git and Setup Go Steps
   HOME: ${{ github.workspace }}

From 2ef29f166d93e1a0c56c6667a2314baf06b1de78 Mon Sep 17 00:00:00 2001
From: aaroncastro1990 <aaron.castro1990@gmail.com>
Date: Thu, 11 Apr 2024 18:15:00 -0600
Subject: [PATCH 03/10] Adding `GITHUB_TOKEN` to env

---
 .github/workflows/build.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index e24477e5..d3391e34 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -105,3 +105,4 @@ jobs:
           if [[ $CI_NODE_INDEX = "build" && $TRAVIS_PULL_REQUEST == 'false' ]]; then bundle exec rake download_policy_list; bundle exec middleman deploy; fi
         env:
           CI_NODE_INDEX: ${{ matrix.index }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

From 3e98dcc7967ac6fdefd1f1d804028697c6271db0 Mon Sep 17 00:00:00 2001
From: aaroncastro1990 <aaron.castro1990@gmail.com>
Date: Fri, 12 Apr 2024 12:49:01 -0600
Subject: [PATCH 04/10] using two targets for middleman config

---
 .github/workflows/build.yaml |  2 +-
 config.rb                    | 24 ++++++++++++++++++------
 2 files changed, 19 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index d3391e34..4904b0a6 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -97,7 +97,7 @@ jobs:
           gem update --system 3.2.3
           echo "Pull Request: $TRAVIS_PULL_REQUEST"
           # Ensure the site builds, otherwise fail the build on PRs
-          if [[ $CI_NODE_INDEX = "build" && $TRAVIS_PULL_REQUEST != 'false' ]]; then bundle exec rake download_policy_list; bundle exec middleman build; fi
+          if [[ $CI_NODE_INDEX = "build" && $TRAVIS_PULL_REQUEST != 'false' ]]; then bundle exec rake download_policy_list; TARGET="test" bundle exec middleman deploy; fi
           # Ensure the links work, otherwise fail the build on PRs (only on PRs)
           if [[ $CI_NODE_INDEX = "check_links" && $TRAVIS_PULL_REQUEST != 'false' ]]; then echo "TODO Fix check_links to throttle itself properly"; fi
           # Only deploy the site live if the master branch is updated (not during pull-requests)
diff --git a/config.rb b/config.rb
index 934434b0..e832cc07 100644
--- a/config.rb
+++ b/config.rb
@@ -264,15 +264,27 @@ def image(link, title, alt_text)
 end
 
 # middleman-deploy configuration
-activate :deploy do |deploy|
-  # Automatically run `middleman build` during `middleman deploy`
-  deploy.build_before = true
-
-  # rsync, ftp, sftp, or git
-  deploy.method = :git
+case ENV['TARGET'].to_s.downcase
+when 'test'
+  activate :deploy do |deploy|
+    # Automatically run `middleman build` during `middleman deploy`
+    deploy.build_before = true
+
+    # rsync, ftp, sftp, or git
+    deploy.method = :git
+    deploy.branch = "test-gh-pages"
+  end
+else
+  activate :deploy do |deploy|
+    # Automatically run `middleman build` during `middleman deploy`
+    deploy.build_before = true
 
+    # rsync, ftp, sftp, or git
+    deploy.method = :git
+  end
 end
 
+
 page "/release-feed.xml", :layout => false
 
 # Activate middleman-breadcrumb gem

From be8d6999782bad04492ae27e22c684e52dfa554e Mon Sep 17 00:00:00 2001
From: Aaron Castro <aaron.castro1990@gmail.com>
Date: Fri, 12 Apr 2024 13:18:54 -0600
Subject: [PATCH 05/10] write-all permissions

---
 .github/workflows/build.yaml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 4904b0a6..bb980f41 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -8,8 +8,7 @@ on:
   pull_request:
     branches:
       - main
-permissions:
-  contents: write
+permissions: write-all
 env:
   # HOME required by Setup Git and Setup Go Steps
   HOME: ${{ github.workspace }}

From d5a98bd998860579087b04f85e20f91f24b06033 Mon Sep 17 00:00:00 2001
From: Aaron Castro <aaron.castro1990@gmail.com>
Date: Fri, 12 Apr 2024 13:37:43 -0600
Subject: [PATCH 06/10] adding `peaceiris/actions-gh-pages@v3` with a condition

---
 .github/workflows/build.yaml | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index bb980f41..21ee9179 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -96,12 +96,21 @@ jobs:
           gem update --system 3.2.3
           echo "Pull Request: $TRAVIS_PULL_REQUEST"
           # Ensure the site builds, otherwise fail the build on PRs
-          if [[ $CI_NODE_INDEX = "build" && $TRAVIS_PULL_REQUEST != 'false' ]]; then bundle exec rake download_policy_list; TARGET="test" bundle exec middleman deploy; fi
+          if [[ $CI_NODE_INDEX = "build" && $TRAVIS_PULL_REQUEST != 'false' ]]; then bundle exec rake download_policy_list; TARGET="test" bundle exec middleman build; fi
           # Ensure the links work, otherwise fail the build on PRs (only on PRs)
           if [[ $CI_NODE_INDEX = "check_links" && $TRAVIS_PULL_REQUEST != 'false' ]]; then echo "TODO Fix check_links to throttle itself properly"; fi
           # Only deploy the site live if the master branch is updated (not during pull-requests)
           # Currently, deploy first builds by default
-          if [[ $CI_NODE_INDEX = "build" && $TRAVIS_PULL_REQUEST == 'false' ]]; then bundle exec rake download_policy_list; bundle exec middleman deploy; fi
+          if [[ $CI_NODE_INDEX = "build" && $TRAVIS_PULL_REQUEST == 'false' ]]; then bundle exec rake download_policy_list; bundle exec middleman build; fi
+        env:
+          CI_NODE_INDEX: ${{ matrix.index }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Deploy to Github Pages
+        if: ${{$CI_NODE_INDEX == 'build'}}
+        uses: peaceiris/actions-gh-pages@v3
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: ./build
         env:
           CI_NODE_INDEX: ${{ matrix.index }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

From cea461895728f771247d033e5fc637f0240ca8c5 Mon Sep 17 00:00:00 2001
From: Aaron Castro <aaron.castro1990@gmail.com>
Date: Fri, 12 Apr 2024 13:40:18 -0600
Subject: [PATCH 07/10] fix expression

---
 .github/workflows/build.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 21ee9179..461bc125 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -106,7 +106,7 @@ jobs:
           CI_NODE_INDEX: ${{ matrix.index }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: Deploy to Github Pages
-        if: ${{$CI_NODE_INDEX == 'build'}}
+        if: ${{env.CI_NODE_INDEX == 'build'}}
         uses: peaceiris/actions-gh-pages@v3
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}

From 164de03638ae0677dd66e127466438fd87add015 Mon Sep 17 00:00:00 2001
From: Aaron Castro <aaron.castro1990@gmail.com>
Date: Fri, 12 Apr 2024 13:59:39 -0600
Subject: [PATCH 08/10] updated permissions

---
 .github/workflows/build.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 461bc125..b5b5ae6d 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -8,7 +8,9 @@ on:
   pull_request:
     branches:
       - main
-permissions: write-all
+permissions:
+  contents: write
+  pages: write
 env:
   # HOME required by Setup Git and Setup Go Steps
   HOME: ${{ github.workspace }}

From dc17f5664f0b6b1a0f95223aa3a59948987e1e17 Mon Sep 17 00:00:00 2001
From: Aaron Castro <aaron.castro1990@gmail.com>
Date: Fri, 12 Apr 2024 18:01:26 -0600
Subject: [PATCH 09/10] run `deploy` only in main branch

---
 .github/workflows/build.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index b5b5ae6d..fb8fd167 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -108,7 +108,7 @@ jobs:
           CI_NODE_INDEX: ${{ matrix.index }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: Deploy to Github Pages
-        if: ${{env.CI_NODE_INDEX == 'build'}}
+        if: ${{env.CI_NODE_INDEX == 'build' && github.ref == 'refs/heads/main'}}
         uses: peaceiris/actions-gh-pages@v3
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}

From 89ec044d42e9958e3073810ab42f900cec532bba Mon Sep 17 00:00:00 2001
From: Aaron Castro <aaron.castro1990@gmail.com>
Date: Fri, 12 Apr 2024 18:04:10 -0600
Subject: [PATCH 10/10] cleanup and removed non required code

---
 .github/workflows/build.yaml |  5 +----
 config.rb                    | 23 +++++------------------
 2 files changed, 6 insertions(+), 22 deletions(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index fb8fd167..aabe2e7e 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -98,12 +98,9 @@ jobs:
           gem update --system 3.2.3
           echo "Pull Request: $TRAVIS_PULL_REQUEST"
           # Ensure the site builds, otherwise fail the build on PRs
-          if [[ $CI_NODE_INDEX = "build" && $TRAVIS_PULL_REQUEST != 'false' ]]; then bundle exec rake download_policy_list; TARGET="test" bundle exec middleman build; fi
+          if [[ $CI_NODE_INDEX = "build" ]]; then bundle exec rake download_policy_list; bundle exec middleman build; fi
           # Ensure the links work, otherwise fail the build on PRs (only on PRs)
           if [[ $CI_NODE_INDEX = "check_links" && $TRAVIS_PULL_REQUEST != 'false' ]]; then echo "TODO Fix check_links to throttle itself properly"; fi
-          # Only deploy the site live if the master branch is updated (not during pull-requests)
-          # Currently, deploy first builds by default
-          if [[ $CI_NODE_INDEX = "build" && $TRAVIS_PULL_REQUEST == 'false' ]]; then bundle exec rake download_policy_list; bundle exec middleman build; fi
         env:
           CI_NODE_INDEX: ${{ matrix.index }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/config.rb b/config.rb
index e832cc07..a27e7036 100644
--- a/config.rb
+++ b/config.rb
@@ -264,27 +264,14 @@ def image(link, title, alt_text)
 end
 
 # middleman-deploy configuration
-case ENV['TARGET'].to_s.downcase
-when 'test'
-  activate :deploy do |deploy|
-    # Automatically run `middleman build` during `middleman deploy`
-    deploy.build_before = true
-
-    # rsync, ftp, sftp, or git
-    deploy.method = :git
-    deploy.branch = "test-gh-pages"
-  end
-else
-  activate :deploy do |deploy|
-    # Automatically run `middleman build` during `middleman deploy`
-    deploy.build_before = true
+activate :deploy do |deploy|
+  # Automatically run `middleman build` during `middleman deploy`
+  deploy.build_before = true
 
-    # rsync, ftp, sftp, or git
-    deploy.method = :git
-  end
+  # rsync, ftp, sftp, or git
+  deploy.method = :git
 end
 
-
 page "/release-feed.xml", :layout => false
 
 # Activate middleman-breadcrumb gem