Update news with Sept. 2023 liboscal-java and oscal-cli releases #96
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Generate Website | |
on: | |
push: | |
branches: | |
- main | |
- develop | |
- "feature-*" | |
- "release-*" | |
pull_request: | |
branches: | |
- main | |
- develop | |
- "feature-*" | |
- "release-*" | |
workflow_call: | |
inputs: | |
publish_website: | |
description: 'Commit and publish the website. Requires a PAT defined as secrets.COMMIT_TOKEN' | |
required: false | |
default: false | |
type: boolean | |
workflow_dispatch: | |
inputs: | |
publish_website: | |
description: 'Commit and publish the website. Requires a PAT defined as secrets.COMMIT_TOKEN' | |
required: true | |
default: false | |
type: boolean | |
jobs: | |
build-website: | |
name: Build Website | |
runs-on: ubuntu-20.04 | |
env: | |
HUGO_VERSION: 0.110.0 | |
HUGO_CHECKSUM: "969eeabb570e9d674d374de37a9d4c8799edf91a9a4dd9115dd714d559b5ad46" | |
steps: | |
# https://gohugo.io/hosting-and-deployment/hosting-on-github/ | |
# Install Hugo | |
- name: Install Hugo CLI | |
run: | | |
wget -O ${{ runner.temp }}/hugo.deb https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_extended_${HUGO_VERSION}_linux-amd64.deb \ | |
&& echo "${HUGO_CHECKSUM} *${{ runner.temp }}/hugo.deb" | shasum -a 256 --strict -c \ | |
&& sudo dpkg -i ${{ runner.temp }}/hugo.deb | |
- name: Install Dart Sass | |
run: sudo snap install dart-sass | |
- name: Checkout | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
with: | |
submodules: recursive | |
fetch-depth: 0 | |
- name: Install Node.js dependencies | |
run: "[[ -f package-lock.json || -f npm-shrinkwrap.json ]] && npm ci || true" | |
- name: Build with Hugo | |
env: | |
# For maximum backward compatibility with Hugo modules | |
HUGO_ENVIRONMENT: production | |
HUGO_ENV: production | |
run: | | |
hugo \ | |
-v \ | |
-s src/ \ | |
--config "config.yaml,development-config.yaml" \ | |
--gc \ | |
--minify \ | |
--debug | |
- name: Upload artifact | |
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 | |
with: | |
name: website | |
path: ./src/public | |
check-links: | |
name: Check Links | |
runs-on: ubuntu-20.04 | |
needs: | |
- build-website | |
steps: | |
- name: Checkout | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
with: | |
submodules: recursive | |
fetch-depth: 0 | |
- name: Open Website Artifact | |
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 | |
with: | |
name: website | |
path: website | |
- name: Check Directory Listing | |
shell: bash | |
run: | | |
find ./ | |
ls -ltra ./ | |
- name: Check Links | |
uses: lycheeverse/lychee-action@76ab977fedbeaeb32029313724a2e56a8a393548 | |
with: | |
args: --exclude-file ./.github/workflows/config/.lycheeignore --verbose --no-progress --accept 200,206,429 './website/**/*.html' --exclude-mail | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Save Report | |
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 | |
with: | |
name: report | |
path: ./lychee/out.md | |
stage-content: | |
name: Publish Content to published-pages Branch | |
runs-on: ubuntu-20.04 | |
needs: | |
- build-website | |
- check-links | |
steps: | |
- name: Open Website Artifact | |
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 | |
with: | |
name: website | |
path: public | |
- name: Check Directory Listing | |
shell: bash | |
run: | | |
find ./ | |
ls -ltra ./ | |
- name: Stage Content | |
uses: peaceiris/actions-gh-pages@068dc23d9710f1ba62e86896f84735d869951305 | |
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || inputs.publish_website == true) | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
enable_jekyll: false | |
publish_dir: ./public | |
publish_branch: published-pages | |
user_name: OSCAL GitHub Actions Bot | |
user_email: oscal@nist.gov | |
commit_message: Staging website content [ci deploy] | |
publish-website: | |
name: Publish Website to OSCAL Branch for NIST Pages | |
runs-on: ubuntu-20.04 | |
needs: | |
- build-website | |
- check-links | |
- stage-content | |
steps: | |
- name: Checkout published-pages | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
with: | |
ref: published-pages | |
persist-credentials: false | |
submodules: recursive | |
fetch-depth: 0 | |
- name: Check Directory Listing | |
shell: bash | |
run: | | |
find ./ | |
ls -ltra ./ | |
git status | |
- name: Stage website in OSCAL Project | |
uses: ad-m/github-push-action@40bf560936a8022e68a3c00e7d2abefaf01305a6 # v0.6.0 | |
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || inputs.publish_website == true) | |
with: | |
github_token: ${{ secrets.COMMIT_TOKEN }} | |
repository: usnistgov/OSCAL | |
branch: nist-pages | |
force: true | |
directory: '.' |