Bump actions/checkout from 3.1.0 to 4.1.0 #413
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| push: | |
| branches: | |
| - main | |
| - develop | |
| paths: | |
| - 'src/**' | |
| - 'oscal' | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| workflow_dispatch: | |
| branches: | |
| - main | |
| - develop | |
| name: Process Content Artifacts | |
| env: | |
| OSCAL_DIR_PATH: oscal | |
| CICD_DIR_PATH: oscal/build/ci-cd | |
| CONTENT_CONFIG_PATH: src/config | |
| JAVA_CLASSPATH: ${{ github.workspace}}/lib | |
| SAXON_VERSION: 9.9.0-1 | |
| HOME_REPO: usnistgov/oscal-content | |
| jobs: | |
| validate-and-publish-content: | |
| name: Check, Convert and Validate Content | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| # use this if checkout needs to be authenticated | |
| - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 | |
| if: github.repository == env.HOME_REPO && github.ref == 'refs/heads/main' | |
| with: | |
| path: git-content | |
| submodules: recursive | |
| token: ${{ secrets.COMMIT_TOKEN }} | |
| # use this if checkout is anonymous | |
| - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 | |
| if: github.repository != env.HOME_REPO || github.ref != 'refs/heads/main' | |
| with: | |
| path: git-content | |
| submodules: recursive | |
| - name: Set env | |
| run: | | |
| echo "SAXON_HOME=${JAVA_CLASSPATH}" >> $GITHUB_ENV | |
| echo "CALABASH_HOME=${JAVA_CLASSPATH}" >> $GITHUB_ENV | |
| - name: Update APT package metadata | |
| run: | | |
| sudo rm -rf /var/lib/apt/lists/* && sudo apt-get update | |
| - name: Install APT dependencies | |
| run: | | |
| sudo apt-get install libxml2-utils | |
| - name: Set up NodeJS | |
| uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 | |
| with: | |
| node-version-file: git-content/${{ env.OSCAL_DIR_PATH }}/build/.nvmrc | |
| cache: 'npm' | |
| cache-dependency-path: '**/package-lock.json' | |
| - name: Setup Dependencies | |
| run: | | |
| # NodeJS | |
| # If you are a developer and need to modify the workflow, be sure to review | |
| # the package.json and package-lock.json to ensure the following deps are | |
| # at least installed (they will be updated by dependabot): | |
| # - ajv-cli | |
| # - ajv-formats | |
| # - markdown-link-check | |
| # - yaml-convert | |
| npm ci | |
| echo "$PWD/node_modules/.bin/" >> $GITHUB_PATH | |
| working-directory: git-content/${{ env.OSCAL_DIR_PATH }}/build | |
| - name: Set up JDK | |
| uses: actions/setup-java@1df8dbefe2a8cbc99770194893dd902763bee34b | |
| with: | |
| java-version: 11 | |
| distribution: 'temurin' | |
| cache: 'maven' | |
| - name: Install JDK Deps Saxon and XML Calabash | |
| run: | | |
| mkdir -p "${JAVA_CLASSPATH}" | |
| mvn dependency:copy-dependencies -DoutputDirectory="${JAVA_CLASSPATH}" | |
| working-directory: git-content/${{ env.OSCAL_DIR_PATH }}/build | |
| - name: Set up Python 3.x | |
| uses: actions/setup-python@13ae5bb136fac2878aff31522b9efb785519f984 | |
| with: | |
| python-version: '3.8' | |
| architecture: 'x64' | |
| cache: 'pip' | |
| cache-dependency-path: | | |
| git-content/${{ env.CICD_DIR_PATH }}/python/requirements.txt | |
| - name: Install Python dependencies | |
| run: | | |
| pip install -r requirements.txt | |
| working-directory: git-content/${{ env.CICD_DIR_PATH }}/python | |
| - name: Validate Content | |
| run: | |
| # mkdir -p "${OSCAL_BUILD_DIR_PATH}" | |
| bash "${GITHUB_WORKSPACE}/git-content/${CICD_DIR_PATH}/validate-content.sh" -o "${GITHUB_WORKSPACE}/git-content/${OSCAL_DIR_PATH}" -a "${GITHUB_WORKSPACE}/git-content" -c "${GITHUB_WORKSPACE}/git-content/${CONTENT_CONFIG_PATH}" | |
| # job-copy-and-convert-content | |
| - name: Auto-convert Content | |
| run: | |
| bash "${GITHUB_WORKSPACE}/git-content/${CICD_DIR_PATH}/copy-and-convert-content.sh" -o "${GITHUB_WORKSPACE}/git-content/${OSCAL_DIR_PATH}" -a "${GITHUB_WORKSPACE}/git-content" -c "${GITHUB_WORKSPACE}/git-content/${CONTENT_CONFIG_PATH}" -w "${GITHUB_WORKSPACE}/git-content" --resolve-profiles | |
| - name: Zip Artifacts for Upload | |
| if: always() | |
| run: | | |
| zip ${{ runner.temp }}/generated-content.zip -r . | |
| working-directory: ${{ github.workspace }} | |
| - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 | |
| if: always() | |
| with: | |
| name: generated-content | |
| path: | | |
| ${{ runner.temp }}/generated-content.zip | |
| retention-days: 5 | |
| - name: Publish Artifacts | |
| # only do this on main | |
| if: github.repository == env.HOME_REPO && github.ref == 'refs/heads/main' | |
| uses: stefanzweifel/git-auto-commit-action@3ea6ae190baf489ba007f7c92608f33ce20ef04a | |
| with: | |
| repository: git-content | |
| push_options: --force | |
| commit_message: Publishing auto-converted artifacts | |
| commit_user_name: OSCAL GitHub Actions Bot | |
| commit_user_email: [email protected] | |
| commit_author: OSCAL GitHub Actions Bot <[email protected]> |