Bump github/codeql-action from 3.26.12 to 3.26.13 #148
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
push: | |
branches: | |
- release/** | |
- develop | |
- feature/** | |
pull_request: | |
types: [opened, synchronize, reopened] | |
branches: | |
- release/** | |
- develop | |
- feature/** | |
merge_group: | |
workflow_dispatch: | |
inputs: | |
linkcheck_fail_on_error: | |
description: 'a boolean flag that determines if bad links found by the link checker fail fast and stop a complete build' | |
required: false | |
default: true | |
type: boolean | |
linkcheck_create_issue: | |
description: 'create new GitHub issue if broken links found' | |
required: false | |
default: false | |
type: boolean | |
name: Build and Test | |
env: | |
INPUT_FAIL_ON_ERROR: ${{ github.event.inputs.linkcheck_fail_on_error || 'true' }} | |
INPUT_ISSUE_ON_ERROR: ${{ github.event.inputs.linkcheck_create_issue || 'false' }} | |
MAVEN_VERSION: 3.9.8 | |
JAVA_DISTRO: 'temurin' | |
JAVA_VERSION_FILE: .java-version | |
jobs: | |
build-code: | |
name: Code | |
runs-on: ubuntu-20.04 | |
permissions: | |
actions: read | |
contents: read | |
security-events: write | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 | |
with: | |
submodules: recursive | |
filter: tree:0 | |
# ------------------------- | |
# Java Environment Setup | |
# ------------------------- | |
- name: Set up Maven | |
uses: stCarolas/setup-maven@d6af6abeda15e98926a57b5aa970a96bb37f97d1 | |
with: | |
maven-version: ${{ env.MAVEN_VERSION }} | |
- name: Set up JDK | |
uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 | |
with: | |
java-version-file: ${{ env.JAVA_VERSION_FILE }} | |
distribution: ${{ env.JAVA_DISTRO }} | |
cache: 'maven' | |
- name: Initialize CodeQL | |
if: github.event_name == 'push' | |
uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b | |
with: | |
languages: java | |
# ------------------------- | |
# Maven Build | |
# ------------------------- | |
- name: Build and Test Code | |
run: | | |
mvn -B -e -Prelease package | |
- name: Perform CodeQL Analysis | |
if: github.event_name == 'push' | |
uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b | |
with: | |
upload: ${{ github.ref_name == 'develop' && 'always' || 'never' }} | |
build-website: | |
name: Website | |
runs-on: ubuntu-20.04 | |
permissions: | |
actions: read | |
contents: write | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 | |
with: | |
submodules: recursive | |
filter: tree:0 | |
# ------------------------- | |
# Java Environment Setup | |
# ------------------------- | |
- name: Set up Maven | |
uses: stCarolas/setup-maven@d6af6abeda15e98926a57b5aa970a96bb37f97d1 | |
with: | |
maven-version: ${{ env.MAVEN_VERSION }} | |
- name: Set up JDK | |
uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 | |
with: | |
java-version-file: ${{ env.JAVA_VERSION_FILE }} | |
distribution: ${{ env.JAVA_DISTRO }} | |
cache: 'maven' | |
# ------------------------- | |
# Maven Build | |
# ------------------------- | |
- name: Build and Test Website | |
run: | | |
mvn -B -e -Prelease install site site:stage -Dmaven.test.skip=true | |
- name: Zip Artifacts for Upload | |
run: | | |
zip ${{ runner.temp }}/website.zip -r target/staging | |
- name: Upload generated site | |
uses: actions/upload-artifact@84480863f228bb9747b473957fcc9e309aa96097 | |
with: | |
name: website | |
path: | | |
${{ runner.temp }}/website.zip | |
retention-days: 5 | |
- id: linkchecker | |
name: Link Checker | |
uses: lycheeverse/lychee-action@2b973e86fc7b1f6b36a93795fe2c9c6ae1118621 | |
with: | |
args: --verbose --no-progress --accept 200,206,429 './target/staging/**/*.html' --remap "https://github.com/metaschema-framework/oscal-cli/tree/develop/ file://${GITHUB_WORKSPACE}/" --remap "https://oscal-cli.metaschema.dev/ file://${GITHUB_WORKSPACE}/target/staging/" --exclude-mail | |
format: markdown | |
output: html-link-report.md | |
debug: true | |
fail: true | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
continue-on-error: true | |
- name: Upload link check report | |
uses: actions/upload-artifact@84480863f228bb9747b473957fcc9e309aa96097 | |
with: | |
name: html-link-report | |
path: html-link-report.md | |
retention-days: 5 | |
- name: Create issue if bad links detected | |
if: ${{ !cancelled() && env.lychee_exit_code != 0 && env.INPUT_ISSUE_ON_ERROR == 'true' }} | |
uses: peter-evans/create-issue-from-file@e8ef132d6df98ed982188e460ebb3b5d4ef3a9cd | |
with: | |
title: Scheduled Check of Website Content Found Bad Hyperlinks | |
content-filepath: ./lychee/out.md | |
labels: | | |
bug | |
documentation | |
- name: Fail on link check error | |
if: ${{ !cancelled() && env.lychee_exit_code != 0 && env.INPUT_FAIL_ON_ERROR == 'true' }} | |
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea | |
with: | |
script: | | |
core.setFailed('Link checker detected broken or invalid links, read attached report.') |