forked from usnistgov/oscal-content
-
Notifications
You must be signed in to change notification settings - Fork 2
104 lines (104 loc) · 4.04 KB
/
content-artifacts.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
on:
push:
branches:
- main
- develop
paths:
- 'src/**'
- 'oscal'
pull_request:
types: [opened, synchronize, reopened]
workflow_dispatch:
branches:
- main
- develop
name: Process Content Artifacts
env:
OSCAL_DIR_PATH: oscal
CICD_DIR_PATH: oscal/build/ci-cd
CONTENT_CONFIG_PATH: src/config
SAXON_VERSION: 9.9.0-1
HOME_REPO: usnistgov/oscal-content
jobs:
validate-and-publish-content:
name: Check, Convert and Validate Content
runs-on: ubuntu-18.04
steps:
# use this if checkout needs to be authenticated
- uses: actions/checkout@v2
if: github.repository == env.HOME_REPO && github.ref == 'refs/heads/main'
with:
path: git-content
submodules: recursive
token: ${{ secrets.COMMIT_TOKEN }}
# use this if checkout is anonymous
- uses: actions/checkout@v2
if: github.repository != env.HOME_REPO || github.ref != 'refs/heads/main'
with:
path: git-content
submodules: recursive
# job-validate-content
- name: Update APT package metadata
run: |
sudo rm -rf /var/lib/apt/lists/* && sudo apt-get update
- name: Install APT dependencies
run: |
sudo apt-get install libxml2-utils
- name: Install NPM dependencies
run: |
sudo npm install --loglevel verbose -g yargs ajv-formats@"^1.5.x" ajv-cli@"^4.0.x" yaml-convert@"^1.0.x"
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: 11
- name: Cache Maven packages
uses: actions/cache@v2
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Get Saxon-HE
run: |
mvn org.apache.maven.plugins:maven-dependency-plugin:2.10:get -DartifactId=Saxon-HE -DgroupId=net.sf.saxon -Dversion=$SAXON_VERSION
- name: Set up Python 3.x
uses: actions/setup-python@98f2ad02fd48d057ee3b4d4f66525b231c3e52b6 # current release v3.1.2
with:
python-version: '3.8'
architecture: 'x64'
cache: 'pip'
cache-dependency-path: |
git-content/${{ env.CICD_DIR_PATH }}/python/requirements.txt
- name: Install Python dependencies
run: |
pip install -r "${GITHUB_WORKSPACE}/git-content/${CICD_DIR_PATH}/python/requirements.txt"
- name: Validate Content
run:
# mkdir -p "${OSCAL_BUILD_DIR_PATH}"
bash "${GITHUB_WORKSPACE}/git-content/${CICD_DIR_PATH}/validate-content.sh" -o "${GITHUB_WORKSPACE}/git-content/${OSCAL_DIR_PATH}" -a "${GITHUB_WORKSPACE}/git-content" -c "${GITHUB_WORKSPACE}/git-content/${CONTENT_CONFIG_PATH}"
# job-copy-and-convert-content
- name: Auto-convert Content
run:
bash "${GITHUB_WORKSPACE}/git-content/${CICD_DIR_PATH}/copy-and-convert-content.sh" -o "${GITHUB_WORKSPACE}/git-content/${OSCAL_DIR_PATH}" -a "${GITHUB_WORKSPACE}/git-content" -c "${GITHUB_WORKSPACE}/git-content/${CONTENT_CONFIG_PATH}" -w "${GITHUB_WORKSPACE}/git-content" --resolve-profiles
- name: Zip Artifacts for Upload
if: always()
run: |
zip ${{ runner.temp }}/generated-content.zip -r .
working-directory: ${{ github.workspace }}
- uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8
if: always()
with:
name: generated-content
path: |
${{ runner.temp }}/generated-content.zip
retention-days: 5
- name: Publish Artifacts
# only do this on main
if: github.repository == env.HOME_REPO && github.ref == 'refs/heads/main'
uses: stefanzweifel/[email protected]
with:
repository: git-content
push_options: --force
commit_message: Publishing auto-converted artifacts
commit_user_name: OSCAL GitHub Actions Bot
commit_user_email: [email protected]
commit_author: OSCAL GitHub Actions Bot <[email protected]>