Skip to content
Pages

Pages #90

Sign in to view logs

Pages

Pages #90

Workflow file for this run

.github/workflows/pages.yaml at fb13809
name: Pages
on:
push:
branches:
- main
pull_request: {}
workflow_dispatch:
inputs:
ignore_linkcheck:
description: Ignore link checker results when deploying
required: false
default: false
type: boolean
schedule:
- cron: "0 0 * * MON"
- cron: "0 0 * * THU"
permissions:
pull-requests: write
env:
LYCHEE_VERSION: "0.13.0"
HUGO_VERSION: "0.118.2"
JAVA_VERSION: "17"
JAVA_DISTRIBUTION: "temurin"
jobs:
deploy:
runs-on: ubuntu-22.04
steps:
#
# Environment setup
#
- uses: actions/checkout@v3
with:
submodules: true
fetch-depth: 0
- uses: actions/setup-java@v3
with:
distribution: "${{ env.JAVA_DISTRIBUTION }}"
java-version: "${{ env.JAVA_VERSION }}"
- name: Setup Hugo
uses: peaceiris/actions-hugo@v2
with:
hugo-version: "${{ env.HUGO_VERSION }}"
extended: true
# lifted from https://github.com/lycheeverse/lychee-action/blob/master/action.yml
- name: Setup Lychee
run: |
# Cleanup artifacts from previous run in case it crashed
rm -rf "lychee-v${{ env.LYCHEE_VERSION }}-x86_64-unknown-linux-gnu.tar.gz" lychee
curl -sLO "https://github.com/lycheeverse/lychee/releases/download/v${{ env.LYCHEE_VERSION }}/lychee-v${{ env.LYCHEE_VERSION }}-x86_64-unknown-linux-gnu.tar.gz"
tar -xvzf "lychee-v${{ env.LYCHEE_VERSION }}-x86_64-unknown-linux-gnu.tar.gz"
rm "lychee-v${{ env.LYCHEE_VERSION }}-x86_64-unknown-linux-gnu.tar.gz"
install -t "$HOME/.local/bin" -D lychee
rm lychee
echo "$HOME/.local/bin" >> "$GITHUB_PATH"
- name: Setup swap space
# The Hugo build can require a significant amount of memory
uses: pierotofy/set-swap-space@49819abfb41bd9b44fb781159c033dba90353a7c
with:
swap-size-gb: "10"
#
# Set up cache
#
- name: Get the list of tagged revisions (for cache)
id: get-revisions
run: |
echo revisions_hash=$(cd support/OSCAL; git tag | grep -E '^v\d+\.\d+\.\d+$' | sha256sum) >> $GITHUB_OUTPUT
shell: bash
- name: Cache generated content for existing tags
uses: actions/cache@v3
with:
# explicitly do not cache develop as they are likely to change
path: |
site/content/models/v*/
site/data/models/v*/
key: cache-models-${{ hashFiles('site/archetypes/**') }}-${{ hashFiles('support/*.sh') }}-${{ steps.get-revisions.outputs.revisions_hash }}
# A new tagged revision will invalidate the primary cache key
# See https://github.com/actions/cache/blob/main/tips-and-workarounds.md#update-a-cache
restore-keys: |
cache-models-${{ hashFiles('site/archetypes/**') }}-${{ hashFiles('support/*.sh') }}
# Cache lychee results (e.g. to avoid hitting rate limits)
- name: Restore lychee cache
uses: actions/cache@v3
with:
path: .lycheecache
key: cache-lychee-${{ github.sha }}
restore-keys: cache-lychee-
#
# Build
#
- name: Build
# https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources
# GHA runners have 2 CPUs
run: make site -j2
#
# Checks (and check plumbing)
#
- name: Link Check
id: linkcheck
run: make linkcheck LYCHEE_EXTRA_FLAGS='--github-token ${{ secrets.GITHUB_TOKEN }}'
- name: Upload linkcheck report
uses: actions/upload-artifact@v3
with:
name: linkcheck-report
path: lychee_report.md
retention-days: 5
- name: Comment broken links
uses: marocchino/sticky-pull-request-comment@v2
with:
path: lychee_report.md
skip_unchanged: true
if: github.event_name == 'pull_request'
#
# Deployment
#
- name: Deploy
uses: peaceiris/actions-gh-pages@068dc23d9710f1ba62e86896f84735d869951305
# Deploy if on main branch and EITHER the linkcheck succeeds or ignore_linkcheck has been flipped
# crucially ignore periodic checks
if: github.ref == 'refs/heads/main' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && (steps.linkcheck.outcome == 'success' || github.event.inputs.ignore_linkcheck)
with:
personal_token: ${{ secrets.COMMIT_TOKEN }}
enable_jekyll: false
publish_dir: ./site/public
publish_branch: nist-pages
user_name: OSCAL GitHub Actions Bot
user_email: [email protected]
commit_message: Deploying website [ci deploy]