Merge pull request #159 from BackNot/samm-website-repository-dispatch #39
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Generate Web Markdown | |
| on: | |
| push: | |
| paths: | |
| - '.github/workflows/*.yml' | |
| - 'model/**/*.yml' | |
| tags: | |
| - '*' | |
| workflow_dispatch: | |
| inputs: | |
| release: | |
| description: 'Generate Web Markdown for this SAMM release' | |
| required: true | |
| type: string | |
| jobs: | |
| lintModelv20: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: yaml-lint | |
| run: | | |
| yamllint -c .yamllint -f github model | |
| generate-markdown: | |
| runs-on: ubuntu-latest | |
| needs: lintModelv20 | |
| steps: | |
| - name: 'Checkout using release is workflow dispatched' | |
| if: github.event_name == 'workflow_dispatch' | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ inputs.release }} | |
| - name: 'Checkout from ref when push' | |
| if: github.event_name == 'push' | |
| uses: actions/checkout@v3 | |
| - name: Inject slug/short variables | |
| uses: rlespinasse/github-slug-action@v4 | |
| - name: 'Set release env var from workflow dispatched' | |
| if: github.event_name == 'push' | |
| run: | | |
| echo "release_name=${GITHUB_REF_SLUG}" >> $GITHUB_ENV | |
| - name: 'Checkout using release is workflow dispatched' | |
| if: github.event_name == 'workflow_dispatch' | |
| run: | | |
| echo "release_name=${{ inputs.release }}" >> $GITHUB_ENV | |
| - name: 'Create output dir and copy files to override spaces in directories' | |
| run: | | |
| mkdir output | |
| - name: 'Generate model for website' | |
| uses: docker://backnot/owasp-samm-process-yaml-content:latest | |
| with: | |
| args: '-d model -o output' | |
| - name: 'Move generated files to common directory structure' | |
| run: | | |
| mkdir -p build/business-function/practice/stream | |
| BASE=output/markdown | |
| cp "$BASE"/{Design.md,Governance.md,Implementation.md,Operations.md,Verification.md} build/business-function | |
| cp "$BASE"/*-??-?.md build/business-function/practice/stream | |
| cp "$BASE"/*-??.md build/business-function/practice | |
| - name: Deploy | |
| uses: s0/git-publish-subdir-action@develop | |
| env: | |
| REPO: self | |
| BRANCH: markdown/${{ env.release_name }} | |
| FOLDER: build | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SQUASH_HISTORY: true | |
| # after changing something, we need to trigger the website build | |
| trigger-website-build: | |
| if: github.event_name == 'push' && github.ref_type == 'tag' | |
| runs-on: ubuntu-latest | |
| needs: generate-markdown | |
| steps: | |
| - name: Trigger Website Dispatch | |
| uses: peter-evans/repository-dispatch@v2 | |
| with: | |
| token: ${{ secrets.OWASP_SAMM_WEBSITE_TOKEN }} | |
| repository: owaspsamm/website | |
| event-type: samm-core-released | |
| client-payload: '{"release": "${{ github.ref_name }}"}' |