forked from usnistgov/OSCAL
-
Notifications
You must be signed in to change notification settings - Fork 0
181 lines (181 loc) · 7.24 KB
/
workflow-generate-website.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
name: Generate Website
on:
workflow_call:
inputs:
commit_resources:
description: 'commit the resources after generating them. Requires the access_token to be passed'
required: false
default: false
type: boolean
bad_links_fail_build:
description: 'a boolean flag that determines if bad links found by the link checker fail fast and stop a complete build'
required: false
default: true
type: boolean
secrets:
access_token:
description: 'the access token to use for commits'
required: false
workflow_dispatch:
branches:
- main
- develop
- "release-*"
inputs:
commit_resources:
description: 'commit the resources after generating them. Requires a PAT defined as secrets.COMMIT_TOKEN'
required: true
default: false
type: boolean
bad_links_fail_build:
description: 'a boolean flag that determines if bad links found by the link checker fail fast and stop a complete build'
required: false
default: true
type: boolean
create_issue:
description: 'create new GitHub issue if broken links found'
required: false
default: false
type: boolean
jobs:
build-and-push-website:
name: Build and Push Website
runs-on: ubuntu-20.04
env:
JAVA_CLASSPATH: ${{ github.workspace}}/lib
BUILD_PATH: ./build
CICD_PATH: ./build/ci-cd
steps:
# use this for builds triggered from the UI on protected branches
- name: Checkout Latest (using COMMIT_TOKEN)
if: github.event_name == 'workflow_dispatch' && github.event.inputs.commit_resources == 'true'
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
with:
token: ${{ secrets.COMMIT_TOKEN }}
submodules: recursive
id: checkout_latest_workflow
# use this for builds triggered from other workflows on protected branches
- name: Checkout Latest (using access_token)
if: github.event_name == 'push' && inputs.commit_resources == true
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
with:
token: ${{ secrets.access_token }}
submodules: recursive
id: checkout_latest_push
# use this for overything else (i.e., pull requests) where publication is not needed
- name: Checkout Latest
if: steps.checkout_latest_workflow.conclusion == 'skipped' && steps.checkout_latest_push.conclusion == 'skipped'
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
with:
submodules: recursive
- name: Set env
run: |
echo "SAXON_HOME=${JAVA_CLASSPATH}" >> $GITHUB_ENV
echo "CALABASH_HOME=${JAVA_CLASSPATH}" >> $GITHUB_ENV
# Setup runtime environment
# -------------------------
# Java JDK 11
- name: Set up JDK
uses: actions/setup-java@f0bb91606209742fe3ea40199be2f3ef195ecabf
with:
java-version: 11
distribution: 'temurin'
cache: 'maven'
- name: Install JDK Deps Saxon and XML Calabash
run: |
cd "${BUILD_PATH}"
mkdir -p "${JAVA_CLASSPATH}"
mvn dependency:copy-dependencies -DoutputDirectory="${JAVA_CLASSPATH}"
# Build Artifacts
# ---------------
- name: Generate specification documentation
run: |
bash "${CICD_PATH}/generate-specification-documentation.sh"
- uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8
with:
name: specification-docs
path: |
docs/content/concepts/processing/profile-resolution.html
retention-days: 5
# Install Hugo
- name: Store Hugo Executable in Cache
uses: actions/cache@0865c47f36e68161719c5b124609996bb5c40129
with:
path: /home/runner/go/bin/hugo
key: ${{ runner.os }}-hugo-${{ hashFiles(format('{0}/go.sum', env.BUILD_PATH)) }}
id: cache-hugo
- name: Add Cached Hugo Executable to PATH
if: steps.cache-hugo.outputs.cache-hit == 'true'
run: |
echo "/home/runner/go/bin" >> $GITHUB_PATH
- name: Setup Golang
if: steps.cache-hugo.outputs.cache-hit != 'true'
uses: actions/setup-go@b22fbbc2921299758641fab08929b4ac52b32923
with:
go-version-file: '${{ env.BUILD_PATH }}/go.mod'
cache: true
cache-dependency-path: '${{ env.BUILD_PATH }}/go.sum'
- name: Install Hugo
if: steps.cache-hugo.outputs.cache-hit != 'true'
run: |
cd "${{ env.BUILD_PATH }}"
go install -tags "extended" github.com/gohugoio/hugo
- name: Run Hugo
run: |
hugo --config "config.yaml,development-config.yaml" -v --debug --minify
working-directory: ${{ github.workspace }}/docs
- name: Zip Artifacts for Upload
run: |
zip ${{ runner.temp }}/metaschema-website.zip -r public/
working-directory: ${{ github.workspace }}/docs
- uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8
with:
name: website
path: |
${{ runner.temp }}/metaschema-website.zip
retention-days: 5
- name: Link Checker
id: linkchecker
uses: lycheeverse/lychee-action@76ab977fedbeaeb32029313724a2e56a8a393548
with:
args: --exclude-file ./build/config/.lycheeignore --verbose --no-progress './docs/public/**/*.html' --accept 200,206,429
format: markdown
output: html-link-report.md
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8
with:
name: html-link-report
path: html-link-report.md
retention-days: 5
- uses: actions/github-script@7a5c598405937d486b0331594b5da2b14db670da
if: steps.linkchecker.outputs.exit_code != 0
with:
script: |
core.setFailed('Link checker detected broken or invalid links, read attached report.')
- uses: actions/github-script@7a5c598405937d486b0331594b5da2b14db670da
if: steps.linkchecker.outputs.exit_code != 0 && (github.event.inputs.bad_links_fail_build == 'true' || inputs.bad_links_fail_build == true)
with:
script: |
core.setFailed('Link checker detected broken or invalid links, read attached report.')
- name: Deploy Website (using access_token)
uses: peaceiris/actions-gh-pages@068dc23d9710f1ba62e86896f84735d869951305
if: github.event_name == 'push' && inputs.commit_resources == true && github.ref_name == 'main'
with:
github_token: ${{ secrets.access_token }}
enable_jekyll: false
publish_dir: ./docs/public
publish_branch: nist-pages
commit_message: Deploying website [ci deploy skip]
- name: Deploy Website (using COMMIT_TOKEN)
uses: peaceiris/actions-gh-pages@068dc23d9710f1ba62e86896f84735d869951305
if: github.event_name == 'workflow_dispatch' && github.event.inputs.commit_resources == 'true' && github.ref_name == 'main'
with:
github_token: ${{ secrets.COMMIT_TOKEN }}
enable_jekyll: false
publish_dir: ./docs/public
publish_branch: nist-pages
commit_user_name: OSCAL GitHub Actions Bot
commit_user_email: oscal@nist.gov
commit_author: OSCAL GitHub Actions Bot <oscal@nist.gov>
commit_message: Deploying website [ci deploy skip]