Skip to content

CI

CI #860

Workflow file for this run

name: CI
on:
schedule:
- cron: "13 13 * * *"
push:
branches: [master]
paths:
- ".github/workflows/**"
- "src/**"
- "theme/**"
- "book.toml"
- "Dockerfile"
pull_request:
branches: [master]
paths:
- ".github/workflows/**"
- "src/**"
- "theme/**"
- "book.toml"
- "Dockerfile"
env:
IMAGE_NAME: nikasproject/documentation
REGISTRY: ghcr.io
GITHUB_IMAGE_NAME: ${{ github.repository }}/documentation:latest
MDBOOK_VERSION: 0.4.21
jobs:
Pages:
name: Pages
runs-on: ubuntu-latest
steps:
- name: Cancel previous workflow
uses: styfle/cancel-workflow-action@0.11.0
with:
access_token: ${{ github.token }}
- name: Checkout Code
uses: actions/checkout@v4
- name: Install Rust
run: |
rustup set profile minimal
rustup toolchain install stable
rustup default stable
- name: Install mdbook
run: |
mkdir bin
curl -sSL https://github.com/rust-lang/mdBook/releases/download/v0.4.15/mdbook-v0.4.15-x86_64-unknown-linux-gnu.tar.gz | tar -xz --directory=bin
echo "$(pwd)/bin" >> $GITHUB_PATH
- name: Run tests
run: |
mdbook build
mdbook test
- name: Deploy GitHub Pages
if: github.event_name != 'pull_request'
uses: JamesIves/github-pages-deploy-action@v4.4.1
with:
branch: gh-pages
folder: book
Docker:
name: Docker
needs: Pages
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Get Current Date
id: date
run: echo "::set-output name=date::$(date +'%Y-%m-%d')"
- name: Create image name
id: github-image
uses: ASzc/change-string-case-action@v5
with:
string: ${{ env.REGISTRY }}/${{ env.GITHUB_IMAGE_NAME }}
- name: Build image
run: docker build -t ${{ env.IMAGE_NAME }}:latest -t ${{ steps.github-image.outputs.lowercase }} --build-arg DATE_CREATED=${{ steps.date.outputs.date }} --build-arg MDBOOK_VERSION=${{ env.MDBOOK_VERSION }} .
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: ${{ steps.github-image.outputs.lowercase }}
exit-code: "0"
ignore-unfixed: true
vuln-type: "os,library"
severity: "CRITICAL,HIGH"
format: "template"
template: "@/contrib/sarif.tpl"
output: "trivy-results.sarif"
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: "trivy-results.sarif"
- name: Push to Dockerhub
if: github.event_name != 'pull_request'
run: |
docker login -u hatamiarash7 -p "${{ secrets.DOCKERHUB_TOKEN }}"
docker push ${{ env.IMAGE_NAME }}:latest
- name: Log into registry ${{ env.REGISTRY }}
if: github.event_name != 'pull_request'
uses: docker/login-action@v2.2.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GB_TOKEN }}
- name: Push to ${{ env.REGISTRY }}
if: github.event_name != 'pull_request'
run: docker push ${{ steps.github-image.outputs.lowercase }}