forked from OWASP/samm
-
Notifications
You must be signed in to change notification settings - Fork 0
117 lines (101 loc) · 3.71 KB
/
yaml-process.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
name: Generate Web Markdown
on:
push:
paths:
- ".github/workflows/*.yml"
- "Website/**"
- "Supporting*Resources/v2.0/Datamodel/Datafiles/*.yml"
jobs:
lintModelv20:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- name: yaml-lint
uses: ibiqlik/action-yamllint@master
with:
file_or_dir: "Supporting*Resources/v2.0/Datamodel/Datafiles/*.yml"
config_file: .yamllint
generate-markdown:
runs-on: ubuntu-18.04
needs: lintModelv20
steps:
- uses: actions/checkout@v2
- name: "Create output dir and copy files to override spaces in directories"
run: |
cp -r Supporting\ Resources/v2.0/Datamodel/Datafiles .
mkdir output
- name: "Process datafiles"
uses: docker://fzipi/owasp-samm-preprocess-yaml:version-0.3.5
with:
args: "-d Datafiles -o output"
- name: "Process artifacts"
run: |
mkdir -p business-function/practice/stream
BASE=output/markdown
cp "$BASE"/{Design.md,Governance.md,Implementation.md,Operations.md,Verification.md} business-function
cp "$BASE"/*-??-?.md business-function/practice/stream
cp "$BASE"/*-??.md business-function/practice
- name: "Upload artifacts"
uses: actions/upload-artifact@v1
with:
name: markdown
path: business-function
build:
runs-on: ubuntu-18.04
needs: generate-markdown
steps:
- uses: actions/checkout@v2
- name: Checkout submodules
shell: bash
run: |
auth_header="$(git config --local --get http.https://github.com/.extraheader)"
git submodule sync --recursive
git -c "http.extraheader=$auth_header" -c protocol.version=2 submodule update --init --force --recursive --depth=1
- name: Setup Hugo
uses: peaceiris/[email protected]
with:
hugo-version: '0.59.1'
extended: true
- uses: actions/download-artifact@v1
name: Download markdown-files
with:
name: markdown
- name: Production build
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
run: |
cp -r markdown/* Website/content/business-function
hugo --gc --minify -v --cleanDestinationDir --environment production -s Website -d public
- name: Staging build
# Note: By default, a workflow only runs when a pull_request's activity type is opened, synchronize, or reopened
if: github.ref != 'refs/heads/master'
run: |
cp -r markdown/* Website/content/business-function
hugo --gc --minify -v --cleanDestinationDir --environment staging -s Website -d public
- name: "Upload hugo artifacts"
uses: actions/upload-artifact@v1
with:
name: webpage
path: Website/public
deploy:
runs-on: ubuntu-18.04
needs: build
steps:
- uses: actions/download-artifact@v1
name: Download website files
with:
name: webpage
- name: "Deploy to Netlify"
# Note: By default, a workflow only runs when a pull_request's activity type is opened, synchronize, or reopened
uses: fzipi/netlify-actions/cli@master
with:
args: deploy --dir webpage
env:
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
- name: "Deploy to Github"
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
uses: peaceiris/[email protected]
env:
ACTIONS_DEPLOY_KEY: ${{ secrets.ACTIONS_DEPLOY_KEY }}
PUBLISH_BRANCH: gh-pages
PUBLISH_DIR: webpage/