mirror of
https://github.com/jlengrand/error-prone-support.git
synced 2026-03-10 08:11:25 +00:00
7b81dc44e5
This new release is published using GitHub Packages rather than JitPack. This comes with a simpler release setup and a (hopefully) more stable package repository. A minor downside is that GitHub Packages require authenticated access, even for read access. The documentation has been updated accordingly. The new release is no longer published using a custom groupId, enabling some build simplifications. While there, some obsolete fork-related documentation and configuration is dropped. See: - https://github.com/PicnicSupermarket/error-prone/releases/tag/v2.36.0-picnic-2 - https://github.com/PicnicSupermarket/error-prone/compare/v2.36.0-picnic-1...v2.36.0-picnic-2
87 lines
3.0 KiB
YAML
87 lines
3.0 KiB
YAML
name: Update `error-prone.picnic.tech` website content
|
|
on:
|
|
pull_request:
|
|
push:
|
|
branches: [ master, website ]
|
|
permissions:
|
|
contents: read
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- name: Install Harden-Runner
|
|
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
|
|
with:
|
|
disable-sudo: true
|
|
egress-policy: block
|
|
allowed-endpoints: >
|
|
api.adoptium.net:443
|
|
api.github.com:443
|
|
bestpractices.coreinfrastructure.org:443
|
|
blog.picnic.nl:443
|
|
docs.github.com:443
|
|
errorprone.info:443
|
|
github.com:443
|
|
img.shields.io:443
|
|
index.rubygems.org:443
|
|
jitpack.io:443
|
|
maven.apache.org:443
|
|
objects.githubusercontent.com:443
|
|
pitest.org:443
|
|
repo.maven.apache.org:443
|
|
rubygems.org:443
|
|
search.maven.org:443
|
|
securityscorecards.dev:443
|
|
sonarcloud.io:443
|
|
www.baeldung.com:443
|
|
www.bestpractices.dev:443
|
|
www.youtube.com:443
|
|
youtrack.jetbrains.com:443
|
|
- name: Check out code
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
|
with:
|
|
persist-credentials: false
|
|
- uses: ruby/setup-ruby@bfefad842bb982ff05b233bcbc1571d97a87e69f # v1.206.0
|
|
with:
|
|
working-directory: ./website
|
|
bundler-cache: true
|
|
- name: Configure Github Pages
|
|
uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0
|
|
- name: Generate documentation
|
|
run: ./generate-docs.sh
|
|
- name: Build website with Jekyll
|
|
working-directory: ./website
|
|
run: bundle exec jekyll build
|
|
- name: Validate HTML output
|
|
working-directory: ./website
|
|
# XXX: Drop `--disable_external true` once we fully adopted the
|
|
# "Refaster rules" terminology on our website and in the code.
|
|
run: bundle exec htmlproofer --disable_external true --check-external-hash false ./_site
|
|
- name: Upload website as artifact
|
|
uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1
|
|
with:
|
|
path: ./website/_site
|
|
deploy:
|
|
if: github.ref == 'refs/heads/website'
|
|
needs: build
|
|
permissions:
|
|
id-token: write
|
|
pages: write
|
|
runs-on: ubuntu-24.04
|
|
environment:
|
|
name: github-pages
|
|
url: ${{ steps.deployment.outputs.page_url }}
|
|
steps:
|
|
- name: Install Harden-Runner
|
|
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
|
|
with:
|
|
disable-sudo: true
|
|
egress-policy: block
|
|
allowed-endpoints: >
|
|
api.github.com:443
|
|
- name: Deploy to GitHub Pages
|
|
id: deployment
|
|
uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5
|