-
Notifications
You must be signed in to change notification settings - Fork 14
170 lines (160 loc) · 5.08 KB
/
workflow-generate-website.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
name: Generate Website
on:
push:
branches:
- main
- develop
- "feature-*"
- "release-*"
pull_request:
branches:
- main
- develop
- "feature-*"
- "release-*"
workflow_call:
inputs:
publish_website:
description: 'Commit and publish the website. Requires a PAT defined as secrets.COMMIT_TOKEN'
required: false
default: false
type: boolean
workflow_dispatch:
inputs:
publish_website:
description: 'Commit and publish the website. Requires a PAT defined as secrets.COMMIT_TOKEN'
required: true
default: false
type: boolean
jobs:
build-website:
name: Build Website
runs-on: ubuntu-20.04
env:
HUGO_VERSION: 0.110.0
HUGO_CHECKSUM: "969eeabb570e9d674d374de37a9d4c8799edf91a9a4dd9115dd714d559b5ad46"
steps:
# https://gohugo.io/hosting-and-deployment/hosting-on-github/
# Install Hugo
- name: Install Hugo CLI
run: |
wget -O ${{ runner.temp }}/hugo.deb https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_extended_${HUGO_VERSION}_linux-amd64.deb \
&& echo "${HUGO_CHECKSUM} *${{ runner.temp }}/hugo.deb" | shasum -a 256 --strict -c \
&& sudo dpkg -i ${{ runner.temp }}/hugo.deb
- name: Install Dart Sass
run: sudo snap install dart-sass
- name: Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with:
submodules: recursive
fetch-depth: 0
- name: Install Node.js dependencies
run: "[[ -f package-lock.json || -f npm-shrinkwrap.json ]] && npm ci || true"
- name: Build with Hugo
env:
# For maximum backward compatibility with Hugo modules
HUGO_ENVIRONMENT: production
HUGO_ENV: production
run: |
hugo \
-v \
-s src/ \
--config "config.yaml,development-config.yaml" \
--gc \
--minify \
--debug
- name: Upload artifact
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: website
path: ./src/public
check-links:
name: Check Links
runs-on: ubuntu-20.04
needs:
- build-website
steps:
- name: Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with:
submodules: recursive
fetch-depth: 0
- name: Open Website Artifact
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: website
path: website
- name: Check Directory Listing
shell: bash
run: |
find ./
ls -ltra ./
- name: Check Links
uses: lycheeverse/lychee-action@76ab977fedbeaeb32029313724a2e56a8a393548
with:
args: --exclude-file ./.github/workflows/config/.lycheeignore --verbose --no-progress --accept 200,206,429 './website/**/*.html' --exclude-mail
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Save Report
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: report
path: ./lychee/out.md
stage-content:
name: Publish Content to published-pages Branch
runs-on: ubuntu-20.04
needs:
- build-website
- check-links
steps:
- name: Open Website Artifact
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: website
path: public
- name: Check Directory Listing
shell: bash
run: |
find ./
ls -ltra ./
- name: Stage Content
uses: peaceiris/actions-gh-pages@068dc23d9710f1ba62e86896f84735d869951305
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || inputs.publish_website == true)
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
enable_jekyll: false
publish_dir: ./public
publish_branch: published-pages
user_name: OSCAL GitHub Actions Bot
user_email: oscal@nist.gov
commit_message: Staging website content [ci deploy]
publish-website:
name: Publish Website to OSCAL Branch for NIST Pages
runs-on: ubuntu-20.04
needs:
- build-website
- check-links
- stage-content
steps:
- name: Checkout published-pages
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with:
ref: published-pages
persist-credentials: false
submodules: recursive
fetch-depth: 0
- name: Check Directory Listing
shell: bash
run: |
find ./
ls -ltra ./
git status
- name: Stage website in OSCAL Project
uses: ad-m/github-push-action@40bf560936a8022e68a3c00e7d2abefaf01305a6 # v0.6.0
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || inputs.publish_website == true)
with:
github_token: ${{ secrets.COMMIT_TOKEN }}
repository: usnistgov/OSCAL
branch: nist-pages
force: true
directory: '.'