Merge pull request #2541 from mandiant/dependabot/npm_and_yarn/web/ex… #34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: deploy web to GitHub Pages | |
on: | |
push: | |
branches: [ master ] | |
paths: | |
- 'web/**' | |
# Allows to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
# Sets the GITHUB_TOKEN permissions to allow deployment to GitHub Pages | |
permissions: | |
contents: read | |
pages: write | |
id-token: write | |
# Allow one concurrent deployment | |
concurrency: | |
group: 'pages' | |
cancel-in-progress: true | |
jobs: | |
build-landing-page: | |
name: Build landing page | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: landing-page | |
path: './web/public' | |
build-explorer: | |
name: Build capa Explorer Web | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: 'recursive' | |
fetch-depth: 1 | |
show-progress: true | |
- name: Set up Node | |
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
with: | |
node-version: 20 | |
cache: 'npm' | |
cache-dependency-path: './web/explorer/package-lock.json' | |
- name: Install dependencies | |
run: npm ci | |
working-directory: ./web/explorer | |
- name: Generate release bundle | |
run: npm run build:bundle | |
working-directory: ./web/explorer | |
- name: Zip release bundle | |
run: zip -r public/capa-explorer-web.zip capa-explorer-web | |
working-directory: ./web/explorer | |
- name: Build | |
run: npm run build | |
working-directory: ./web/explorer | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: explorer | |
path: './web/explorer/dist' | |
build-rules: | |
name: Build rules site | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@v4 | |
with: | |
submodules: 'recursive' | |
# full depth so that capa-rules has a full history | |
# and we can construct a timeline of rule updates. | |
fetch-depth: 0 | |
- name: Set up Python | |
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 | |
with: | |
python-version: '3.12' | |
- uses: extractions/setup-just@v2 | |
- name: Install pagefind | |
uses: supplypike/setup-bin@v4 | |
with: | |
uri: "https://github.com/CloudCannon/pagefind/releases/download/v1.1.0/pagefind-v1.1.0-x86_64-unknown-linux-musl.tar.gz" | |
name: "pagefind" | |
version: "1.1.0" | |
- name: Install dependencies | |
working-directory: ./web/rules | |
run: pip install -r requirements.txt | |
- name: Build the website | |
working-directory: ./web/rules | |
run: just build | |
- name: Index the website | |
working-directory: ./web/rules | |
run: pagefind --site "public" | |
# upload the build website to artifacts | |
# so that we can download and inspect, if desired. | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: rules | |
path: './web/rules/public' | |
deploy: | |
name: Deploy site to GitHub Pages | |
environment: | |
name: github-pages | |
url: ${{ steps.deployment.outputs.page_url }} | |
runs-on: ubuntu-latest | |
needs: [build-landing-page, build-explorer, build-rules] | |
steps: | |
- uses: actions/download-artifact@v4 | |
with: | |
name: landing-page | |
path: './public/' | |
- uses: actions/download-artifact@v4 | |
with: | |
name: explorer | |
path: './public/explorer' | |
- uses: actions/download-artifact@v4 | |
with: | |
name: rules | |
path: './public/rules' | |
- name: Setup Pages | |
uses: actions/configure-pages@v4 | |
- name: Upload artifact | |
uses: actions/upload-pages-artifact@v3 | |
with: | |
path: './public' | |
- name: Deploy to GitHub Pages | |
id: deployment | |
uses: actions/deploy-pages@v4 |