-
Notifications
You must be signed in to change notification settings - Fork 4
148 lines (147 loc) · 5.05 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
on:
push:
branches:
- release/**
- develop
- feature/**
pull_request:
types: [opened, synchronize, reopened]
branches:
- release/**
- develop
- feature/**
merge_group:
workflow_dispatch:
inputs:
linkcheck_fail_on_error:
description: 'a boolean flag that determines if bad links found by the link checker fail fast and stop a complete build'
required: false
default: true
type: boolean
linkcheck_create_issue:
description: 'create new GitHub issue if broken links found'
required: false
default: false
type: boolean
name: Build and Test
env:
INPUT_FAIL_ON_ERROR: ${{ github.event.inputs.linkcheck_fail_on_error || 'true' }}
INPUT_ISSUE_ON_ERROR: ${{ github.event.inputs.linkcheck_create_issue || 'false' }}
MAVEN_VERSION: 3.9.8
JAVA_DISTRO: 'temurin'
JAVA_VERSION_FILE: .java-version
jobs:
build-code:
name: Code
runs-on: ubuntu-20.04
permissions:
actions: read
contents: read
security-events: write
steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
with:
submodules: recursive
filter: tree:0
# -------------------------
# Java Environment Setup
# -------------------------
- name: Set up Maven
uses: stCarolas/setup-maven@d6af6abeda15e98926a57b5aa970a96bb37f97d1
with:
maven-version: ${{ env.MAVEN_VERSION }}
- name: Set up JDK
uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73
with:
java-version-file: ${{ env.JAVA_VERSION_FILE }}
distribution: ${{ env.JAVA_DISTRO }}
cache: 'maven'
- name: Initialize CodeQL
if: github.event_name == 'push'
uses: github/codeql-action/init@c36620d31ac7c881962c3d9dd939c40ec9434f2b
with:
languages: java
# -------------------------
# Maven Build
# -------------------------
- name: Build and Test Code
run: |
mvn -B -e -Prelease package
- name: Perform CodeQL Analysis
if: github.event_name == 'push'
uses: github/codeql-action/analyze@c36620d31ac7c881962c3d9dd939c40ec9434f2b
with:
upload: ${{ github.ref_name == 'develop' && 'always' || 'never' }}
build-website:
name: Website
runs-on: ubuntu-20.04
permissions:
actions: read
contents: write
steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
with:
submodules: recursive
filter: tree:0
# -------------------------
# Java Environment Setup
# -------------------------
- name: Set up Maven
uses: stCarolas/setup-maven@d6af6abeda15e98926a57b5aa970a96bb37f97d1
with:
maven-version: ${{ env.MAVEN_VERSION }}
- name: Set up JDK
uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73
with:
java-version-file: ${{ env.JAVA_VERSION_FILE }}
distribution: ${{ env.JAVA_DISTRO }}
cache: 'maven'
# -------------------------
# Maven Build
# -------------------------
- name: Build and Test Website
run: |
mvn -B -e -Prelease install site site:stage -Dmaven.test.skip=true
- name: Zip Artifacts for Upload
run: |
zip ${{ runner.temp }}/website.zip -r target/staging
- name: Upload generated site
uses: actions/upload-artifact@84480863f228bb9747b473957fcc9e309aa96097
with:
name: website
path: |
${{ runner.temp }}/website.zip
retention-days: 5
- id: linkchecker
name: Link Checker
uses: lycheeverse/lychee-action@2b973e86fc7b1f6b36a93795fe2c9c6ae1118621
with:
args: --verbose --no-progress --accept 200,206,429 './target/staging/**/*.html' --remap "https://github.com/metaschema-framework/oscal-cli/tree/develop/ file://${GITHUB_WORKSPACE}/" --remap "https://oscal-cli.metaschema.dev/ file://${GITHUB_WORKSPACE}/target/staging/" --exclude-mail
format: markdown
output: html-link-report.md
debug: true
fail: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
continue-on-error: true
- name: Upload link check report
uses: actions/upload-artifact@84480863f228bb9747b473957fcc9e309aa96097
with:
name: html-link-report
path: html-link-report.md
retention-days: 5
- name: Create issue if bad links detected
if: ${{ !cancelled() && env.lychee_exit_code != 0 && env.INPUT_ISSUE_ON_ERROR == 'true' }}
uses: peter-evans/create-issue-from-file@e8ef132d6df98ed982188e460ebb3b5d4ef3a9cd
with:
title: Scheduled Check of Website Content Found Bad Hyperlinks
content-filepath: ./lychee/out.md
labels: |
bug
documentation
- name: Fail on link check error
if: ${{ !cancelled() && env.lychee_exit_code != 0 && env.INPUT_FAIL_ON_ERROR == 'true' }}
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
with:
script: |
core.setFailed('Link checker detected broken or invalid links, read attached report.')