Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud #285
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Master | |
| on: | |
| push: | |
| branches: | |
| - master | |
| paths-ignore: | |
| - 'scripts/**' | |
| - '.gitignore' | |
| - '.github/**' | |
| - 'book/**' | |
| workflow_dispatch: | |
| concurrency: build_master | |
| permissions: | |
| packages: write | |
| id-token: write | |
| contents: write | |
| jobs: | |
| run-translation: | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ghcr.io/hacktricks-wiki/hacktricks-cloud/translator-image:latest | |
| environment: prod | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 #Needed to download everything to be able to access the master & language branches | |
| # Build the mdBook | |
| - name: Build mdBook | |
| run: MDBOOK_BOOK__LANGUAGE=en mdbook build || (echo "Error logs" && cat hacktricks-preprocessor-error.log && echo "" && echo "" && echo "Debug logs" && (cat hacktricks-preprocessor.log | tail -n 20) && exit 1) | |
| - name: Update searchindex in repo (purge history, keep current on HEAD) | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| pwd | |
| ls -la | |
| ls -la book | |
| git config --global --add safe.directory /__w/hacktricks-cloud/hacktricks-cloud | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "Build master" | |
| git config pull.rebase false | |
| # Ensure we're on the target branch and up to date | |
| # Handle force-pushed branches by resetting to origin/master | |
| git fetch origin | |
| git reset --hard origin/master | |
| # Choose the file to keep at HEAD: | |
| # 1) Prefer freshly built version from book/ | |
| # 2) Fallback to the file currently at HEAD (if it exists) | |
| HAS_FILE=0 | |
| if [ -f "book/searchindex.js" ]; then | |
| cp "book/searchindex.js" /tmp/sidx.js | |
| HAS_FILE=1 | |
| elif git cat-file -e "HEAD:searchindex.js" 2>/dev/null; then | |
| git show "HEAD:searchindex.js" > /tmp/sidx.js | |
| HAS_FILE=1 | |
| fi | |
| # Skip if there's nothing to purge AND nothing to keep | |
| if [ "$HAS_FILE" = "1" ] || git rev-list -n 1 HEAD -- "searchindex.js" >/dev/null 2>&1; then | |
| # Fail early if working tree is dirty (avoid confusing rewrites) | |
| git diff --quiet || { echo "Working tree has uncommitted changes; aborting purge." >&2; exit 1; } | |
| # Install git-filter-repo and ensure it's on PATH | |
| python -m pip install --quiet --user git-filter-repo | |
| export PATH="$HOME/.local/bin:$PATH" | |
| # Rewrite ONLY the current branch, dropping all historical blobs of searchindex.js | |
| git filter-repo --force --path "searchindex.js" --invert-paths --refs "$(git symbolic-ref -q HEAD)" | |
| # Re-add the current version on top of rewritten history (keep it in HEAD) | |
| if [ "$HAS_FILE" = "1" ]; then | |
| mv /tmp/sidx.js "searchindex.js" | |
| git add "searchindex.js" | |
| git commit -m "Update searchindex (purged history; keep current)" | |
| else | |
| echo "No current searchindex.js to re-add after purge." | |
| fi | |
| # Safer force push (only updates if remote hasn't advanced) | |
| git push --force-with-lease | |
| else | |
| echo "Nothing to purge; skipping." | |
| fi | |
| # Login in AWs | |
| - name: Configure AWS credentials using OIDC | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ROLE_ARN }} | |
| aws-region: us-east-1 | |
| # Sync the build to S3 | |
| - name: Sync to S3 | |
| run: aws s3 sync ./book s3://hacktricks-cloud/en --delete | |