Implement new rule firewall_single_service_active #12513
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Github Pages | |
on: | |
push: | |
branches: [ 'master' ] | |
pull_request: | |
branches: [ 'master', 'oscal-update-*' ] | |
merge_group: | |
branches: [ 'master' ] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.number || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
publish: | |
name: Publish stats, tables and guides | |
runs-on: ubuntu-latest | |
container: | |
image: fedora:latest | |
env: | |
PAGES_DIR: __pages | |
steps: | |
- name: Install Deps | |
run: dnf install -y cmake git ninja-build openscap-utils python3-pyyaml python3-jinja2 python3-pytest ansible-lint libxslt python3-pip rsync python3-lxml python3-setuptools | |
- name: Install deps python | |
run: pip3 install json2html prometheus_client | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
- name: Build | |
run: cmake .. -G Ninja -DCMAKE_BUILD_TYPE=Debug | |
working-directory: ./build | |
- name: Build Guides and Mapping Tables | |
run: ninja -j2 | |
working-directory: ./build | |
- name: Build Statistics | |
run: ninja html-stats html-profile-stats -j2 | |
working-directory: ./build | |
- name: Render Policies (Using control files) | |
run: ninja render-policies -j2 | |
working-directory: ./build | |
- name: Generate Prometheus Metrics | |
run: utils/controleval_metrics.py prometheus -p fedora ocp4 rhcos4 rhel10 rhel9 rhel8 sle12 sle15 -f ./build/policies_metrics | |
env: | |
PYTHONPATH: ${{ github.workspace }} | |
- name: Generate HTML pages | |
run: utils/generate_html_pages.sh $PAGES_DIR | |
shell: bash | |
env: | |
PYTHONPATH: ${{ github.workspace }} | |
- name: Configure git to trust the workspace despite the different owner | |
run: | |
git config --global --add safe.directory "$GITHUB_WORKSPACE" | |
- name: Deploy | |
if: ${{ github.event_name == 'push' && github.repository == 'ComplianceAsCode/content' && github.ref == 'refs/heads/master' }} | |
uses: JamesIves/github-pages-deploy-action@15de0f09300eea763baee31dff6c6184995c5f6a # v4.7.2 | |
with: | |
branch: main # The branch the action should deploy to. | |
folder: ${{ env.PAGES_DIR }} # The folder the action should deploy. | |
clean-exclude: srg_mapping/* | |
repository-name: ComplianceAsCode/content-pages | |
single-commit: true | |
token: ${{ secrets.CONTENT_PAGES_TOKEN }} | |
git-config-name: openscap-ci | |
git-config-email: [email protected] | |
- name: Upload artifact if the event is pull request | |
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4 | |
if: ${{ github.event_name == 'pull_request' }} | |
with: | |
name: built-content | |
path: ${{ env.PAGES_DIR }} |