Skip to content

Build Website

Build Website #1400

Workflow file for this run

name: Build Website
on:
schedule:
- cron: "0 1,13 * * *"
workflow_dispatch:
jobs:
build:
name: Build Website
runs-on: ubuntu-22.04
steps:
- name: Maximize build space
uses: easimon/maximize-build-space@v10
with:
root-reserve-mb: 32768 # The Go cache (`~/.cache/go-build` and `~/go/pkg`) requires a lot of storage space.
remove-android: "true"
remove-docker-images: "true"
remove-dotnet: "true"
remove-haskell: "true"
- name: Set up Go 1.22
uses: actions/setup-go@v4
with:
go-version: '1.22'
id: go
- name: Setup Hugo
uses: peaceiris/actions-hugo@v3
with:
hugo-version: "0.126.1"
- name: Check out code into the Go module directory
uses: actions/checkout@v3
- name: Create build folder
run: mkdir avd-repo
- name: Checkout public vuln-list-repo
uses: actions/checkout@v3
with:
repository: aquasecurity/vuln-list
token: ${{ secrets.ORG_REPO_TOKEN }}
path: avd-repo/vuln-list
- name: Checkout public vuln-list-nvd-repo
uses: actions/checkout@v3
with:
repository: aquasecurity/vuln-list-nvd
token: ${{ secrets.ORG_REPO_TOKEN }}
path: avd-repo/vuln-list-nvd
- name: Checkout public vuln-list-redhat-repo
uses: actions/checkout@v3
with:
repository: aquasecurity/vuln-list-redhat
token: ${{ secrets.ORG_REPO_TOKEN }}
path: avd-repo/vuln-list-redhat
- name: Checkout public kube-hunter-repo
uses: actions/checkout@v3
with:
repository: aquasecurity/kube-hunter
token: ${{ secrets.ORG_REPO_TOKEN }}
path: avd-repo/kube-hunter-repo
- name: Checkout public cloud-security-remediation-guides-repo
uses: actions/checkout@v3
with:
repository: aquasecurity/cloud-security-remediation-guides
token: ${{ secrets.ORG_REPO_TOKEN }}
path: avd-repo/remediations-repo
- name: Checkout public tracee-repo
uses: actions/checkout@v3
with:
repository: aquasecurity/tracee
token: ${{ secrets.ORG_REPO_TOKEN }}
path: avd-repo/tracee-repo
- name: Checkout public cloudsploit-repo
uses: actions/checkout@v3
with:
repository: aquasecurity/cloudsploit
token: ${{ secrets.ORG_REPO_TOKEN }}
path: avd-repo/cloudsploit-repo
- name: Checkout public trivy-policies-repo
uses: actions/checkout@v3
with:
repository: aquasecurity/trivy-policies
token: ${{ secrets.ORG_REPO_TOKEN }}
path: avd-repo/trivy-policies-repo
- name: Checkout public kube-bench-repo
uses: actions/checkout@v3
with:
repository: aquasecurity/kube-bench
token: ${{ secrets.ORG_REPO_TOKEN }}
path: avd-repo/kube-bench-repo
- name: Checkout public chain-bench-repo
uses: actions/checkout@v3
with:
repository: aquasecurity/chain-bench
token: ${{ secrets.ORG_REPO_TOKEN }}
path: avd-repo/chain-bench-repo
- name: Build generator
run: make md-clean md-build
- name: Sync avd-repo with latest changes from generator
run: make sync-all
- name: Build and Generate Markdown pages
run: make md-generate
## We have already created *.md files, so we can remove the repositories to save free space.
- name: Remove repositories
run: make remove-all-repos
- name: Generate Hugo website
run: make hugo-generate
- name: Copy assets
run: make copy-assets
- name: Deploy Search Index to MeiliSearch Instance
run: |
cd avd-repo
curl -H 'Content-Type: application/json' -H 'X-Meili-API-Key: ${{ secrets.SEARCHAPITOKEN }}' -X POST ${{ secrets.SEARCHAPIHOST }}/indexes/avd/documents?primaryKey=title --data @docs/searchindex.json
- name: Install AWS CLI
run: |
python3 -m venv .venv
source .venv/bin/activate
pip3 install awscli
- name: Sync changes to the bucket
run: aws s3 sync --no-progress --only-show-errors --size-only avd-repo/docs ${{ secrets.PROD_AVD_BUCKET }}
env:
AWS_ACCESS_KEY_ID: ${{ secrets.PROD_AVD_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.PROD_AVD_SECRET_ACCESS_KEY }}
AWS_REGION: us-east-1
- name: Microsoft Teams Notification
uses: skitionek/notify-microsoft-teams@master
if: failure()
with:
webhook_url: ${{ secrets.MSTEAMS_WEBHOOK }}
needs: ${{ toJson(needs) }}
job: ${{ toJson(job) }}
steps: ${{ toJson(steps) }}
keepalive-job: # needed to keep GitHub from disabling the actions due to inactivity
name: Keepalive Workflow
runs-on: ubuntu-latest
permissions:
actions: write
steps:
- uses: actions/checkout@v4
- uses: gautamkrishnar/keepalive-workflow@v2
notify-on-teams:
name: Notify github actions status in MS teams
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- name: Microsoft Teams Notification
uses: skitionek/notify-microsoft-teams@master
if: always()
with:
webhook_url: ${{ secrets.MSTEAMS_WEBHOOK }}
needs: ${{ toJson(needs) }}
job: ${{ toJson(job) }}
steps: ${{ toJson(steps) }}