Skip to content

Bump github/codeql-action from 3.25.15 to 3.26.0 (#6) #27

Bump github/codeql-action from 3.25.15 to 3.26.0 (#6)

Bump github/codeql-action from 3.25.15 to 3.26.0 (#6) #27

Workflow file for this run

on:
push:
branches:
- release/**
- develop
- feature/**
pull_request:
types: [opened, synchronize, reopened]
branches:
- release/**
- develop
- feature/**
merge_group:
workflow_dispatch:
inputs:
linkcheck_fail_on_error:
description: 'a boolean flag that determines if bad links found by the link checker fail fast and stop a complete build'
required: false
default: true
type: boolean
linkcheck_create_issue:
description: 'create new GitHub issue if broken links found'
required: false
default: false
type: boolean
name: Build and Test
env:
INPUT_FAIL_ON_ERROR: ${{ github.event.inputs.linkcheck_fail_on_error || 'true' }}
INPUT_ISSUE_ON_ERROR: ${{ github.event.inputs.linkcheck_create_issue || 'false' }}
MAVEN_VERSION: 3.9.8
JAVA_DISTRO: 'temurin'
JAVA_VERSION_FILE: .java-version
jobs:
build-code:
name: Code
runs-on: ubuntu-20.04
permissions:
actions: read
contents: read
security-events: write
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
with:
submodules: recursive
filter: tree:0
# -------------------------
# Java Environment Setup
# -------------------------
- name: Set up Maven
uses: stCarolas/setup-maven@d6af6abeda15e98926a57b5aa970a96bb37f97d1
with:
maven-version: ${{ env.MAVEN_VERSION }}
- name: Set up JDK
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9
with:
java-version-file: ${{ env.JAVA_VERSION_FILE }}
distribution: ${{ env.JAVA_DISTRO }}
cache: 'maven'
- name: Initialize CodeQL
if: github.event_name == 'push'
uses: github/codeql-action/init@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa
with:
languages: java
# -------------------------
# Maven Build
# -------------------------
- name: Build and Test Code
run: |
mvn -B -e -Prelease package
- name: Perform CodeQL Analysis
if: github.event_name == 'push'
uses: github/codeql-action/analyze@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa
with:
upload: ${{ github.ref_name == 'develop' && 'always' || 'never' }}
build-website:
name: Website
runs-on: ubuntu-20.04
permissions:
actions: read
contents: write
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
with:
submodules: recursive
filter: tree:0
# -------------------------
# Java Environment Setup
# -------------------------
- name: Set up Maven
uses: stCarolas/setup-maven@d6af6abeda15e98926a57b5aa970a96bb37f97d1
with:
maven-version: ${{ env.MAVEN_VERSION }}
- name: Set up JDK
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9
with:
java-version-file: ${{ env.JAVA_VERSION_FILE }}
distribution: ${{ env.JAVA_DISTRO }}
cache: 'maven'
# -------------------------
# Maven Build
# -------------------------
- name: Build and Test Website
run: |
mvn -B -e -Prelease install site site:stage -Dmaven.test.skip=true
- name: Zip Artifacts for Upload
run: |
zip ${{ runner.temp }}/website.zip -r target/staging
- name: Upload generated site
uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029
with:
name: website
path: |
${{ runner.temp }}/website.zip
retention-days: 5
- id: linkchecker
name: Link Checker
uses: lycheeverse/lychee-action@2b973e86fc7b1f6b36a93795fe2c9c6ae1118621
with:
args: --verbose --no-progress --accept 200,206,429 './target/staging/**/*.html' --remap "https://github.com/metaschema-framework/oscal-cli/tree/develop/ file://${GITHUB_WORKSPACE}/" --remap "https://oscal-cli.metaschema.dev/ file://${GITHUB_WORKSPACE}/target/staging/" --exclude-mail
format: markdown
output: html-link-report.md
debug: true
fail: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
continue-on-error: true
- name: Upload link check report
uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029
with:
name: html-link-report
path: html-link-report.md
retention-days: 5
- name: Create issue if bad links detected
if: ${{ !cancelled() && env.lychee_exit_code != 0 && env.INPUT_ISSUE_ON_ERROR == 'true' }}
uses: peter-evans/create-issue-from-file@24452a72d85239eacf1468b0f1982a9f3fec4c94
with:
title: Scheduled Check of Website Content Found Bad Hyperlinks
content-filepath: ./lychee/out.md
labels: |
bug
documentation
- name: Fail on link check error
if: ${{ !cancelled() && env.lychee_exit_code != 0 && env.INPUT_FAIL_ON_ERROR == 'true' }}
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
with:
script: |
core.setFailed('Link checker detected broken or invalid links, read attached report.')