volcengine · yufeng201 · May 8, 2026 · May 8, 2026 · May 8, 2026 · May 8, 2026
diff --git a/.github/workflows/blog-tos.yml b/.github/workflows/blog-tos.yml
@@ -0,0 +1,112 @@
+name: 20. Blog TOS Deploy
+
+on:
+  push:
+    branches: [ main ]
+    paths:
+      - 'blog/**'
+      - '.github/workflows/blog-tos.yml'
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  deploy:
+    name: Build and Upload Blog to TOS
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v6
+        with:
+          node-version: 22
+          cache: npm
+          cache-dependency-path: blog/package-lock.json
+
+      - name: Install blog dependencies
+        run: npm ci
+        working-directory: blog
+
+      - name: Build blog
+        run: npm run build
+        working-directory: blog
+
+      - name: Check TOS configuration
+        id: tos_config
+        env:
+          TOS_ACCESS_KEY: ${{ secrets.TOS_ACCESS_KEY }}
+          TOS_SECRET_KEY: ${{ secrets.TOS_SECRET_KEY }}
+          TOS_REGION: ${{ secrets.BLOG_TOS_REGION || secrets.TOS_REGION }}
+          TOS_BUCKET: ${{ secrets.BLOG_TOS_BUCKET }}
+          TOS_ENDPOINT: ${{ secrets.BLOG_TOS_ENDPOINT || secrets.TOS_ENDPOINT }}
+        run: |
+          if [ -n "${TOS_ACCESS_KEY}" ] && [ -n "${TOS_SECRET_KEY}" ] && [ -n "${TOS_REGION}" ] && [ -n "${TOS_BUCKET}" ] && [ -n "${TOS_ENDPOINT}" ]; then
+            echo "configured=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "configured=false" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Set up Python
+        if: steps.tos_config.outputs.configured == 'true'
+        id: setup_python
+        continue-on-error: true
+        uses: actions/setup-python@v6
+        with:
+          python-version: '3.x'
+
+      - name: Install AWS CLI
+        if: steps.tos_config.outputs.configured == 'true'
+        id: install_aws_cli
+        continue-on-error: true
+        run: |
+          python -m pip install --upgrade awscli
+          aws configure set default.s3.addressing_style virtual
+
+      - name: Upload blog dist to TOS
+        id: upload_tos
+        if: steps.tos_config.outputs.configured == 'true'
+        continue-on-error: true
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.TOS_ACCESS_KEY }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.TOS_SECRET_KEY }}
+          AWS_DEFAULT_REGION: ${{ secrets.BLOG_TOS_REGION || secrets.TOS_REGION }}
+          TOS_BUCKET: ${{ secrets.BLOG_TOS_BUCKET }}
+          TOS_ENDPOINT: ${{ secrets.BLOG_TOS_ENDPOINT || secrets.TOS_ENDPOINT }}
+        run: |
+          set -euo pipefail
+          : "${AWS_ACCESS_KEY_ID:?Missing TOS_ACCESS_KEY secret}"
+          : "${AWS_SECRET_ACCESS_KEY:?Missing TOS_SECRET_KEY secret}"
+          : "${AWS_DEFAULT_REGION:?Missing BLOG_TOS_REGION or TOS_REGION secret}"
+          : "${TOS_BUCKET:?Missing BLOG_TOS_BUCKET secret}"
+          : "${TOS_ENDPOINT:?Missing BLOG_TOS_ENDPOINT or TOS_ENDPOINT secret}"
+
+          TOS_ENDPOINT="${TOS_ENDPOINT#https://}"
+          TOS_ENDPOINT="${TOS_ENDPOINT#http://}"
+          case "${TOS_ENDPOINT}" in
+            tos-s3-*) TOS_S3_ENDPOINT="${TOS_ENDPOINT}" ;;
+            tos-*) TOS_S3_ENDPOINT="tos-s3-${TOS_ENDPOINT#tos-}" ;;
+            *) TOS_S3_ENDPOINT="${TOS_ENDPOINT}" ;;
+          esac
+
+          aws s3 sync blog/dist "s3://${TOS_BUCKET}/" \
+            --endpoint-url "https://${TOS_S3_ENDPOINT}" \
+            --delete \
+            --only-show-errors
+
+      - name: Report TOS deployment failure
+        if: steps.setup_python.outcome == 'failure' || steps.install_aws_cli.outcome == 'failure' || steps.upload_tos.outcome == 'failure'
+        run: |
+          echo "::warning::Blog was built, but deploying to TOS failed. This deployment is non-blocking."
+          echo "## TOS deployment failed" >> "$GITHUB_STEP_SUMMARY"
+          echo "" >> "$GITHUB_STEP_SUMMARY"
+          echo "Blog build succeeded, but setting up TOS tooling or uploading blog/dist failed. This workflow keeps passing so TOS availability does not block other repository flows." >> "$GITHUB_STEP_SUMMARY"
+
+      - name: Report skipped TOS upload
+        if: steps.tos_config.outputs.configured != 'true'
+        run: |
+          echo "## TOS upload skipped" >> "$GITHUB_STEP_SUMMARY"
+          echo "" >> "$GITHUB_STEP_SUMMARY"
+          echo "Blog build succeeded, but blog TOS secrets are not fully configured for this repository. Upload was skipped without failing the workflow." >> "$GITHUB_STEP_SUMMARY"
diff --git a/blog/.gitignore b/blog/.gitignore
@@ -0,0 +1,7 @@
+node_modules
+dist
+.valaxy
+public/atom.xml
+public/feed.json
+public/feed.xml
+public/valaxy-fuse-list.json
diff --git a/blog/README.md b/blog/README.md
@@ -0,0 +1,38 @@
+# OpenViking Blog
+
+This directory contains the Valaxy site for `blog.openviking.dev`.
+
+## Local development
+
+```bash
+npm install
+npm run dev
+```
+
+## Build
+
+```bash
+npm run build
+```
+
+The production output is written to `blog/dist`.
+
+## TOS deployment
+
+`.github/workflows/blog-tos.yml` builds this site and uploads `blog/dist` to TOS.
+
+Required GitHub secret:
+
+- `BLOG_TOS_BUCKET`
+
+Shared with the docs deployment:
+
+- `TOS_ACCESS_KEY`
+- `TOS_SECRET_KEY`
+- `TOS_REGION`
+- `TOS_ENDPOINT`
+
+Optional blog-specific overrides:
+
+- `BLOG_TOS_REGION`
+- `BLOG_TOS_ENDPOINT`