Build Master #302
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Master | |
| on: | |
| push: | |
| branches: | |
| - master | |
| paths-ignore: | |
| - 'scripts/**' | |
| - '.gitignore' | |
| - '.github/**' | |
| - 'book/**' | |
| workflow_dispatch: | |
| concurrency: build_master | |
| permissions: | |
| packages: write | |
| id-token: write | |
| contents: write | |
| jobs: | |
| run-translation: | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ghcr.io/hacktricks-wiki/hacktricks-cloud/translator-image:latest | |
| environment: prod | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 #Needed to download everything to be able to access the master & language branches | |
| # Build the mdBook | |
| - name: Build mdBook | |
| run: MDBOOK_BOOK__LANGUAGE=en mdbook build || (echo "Error logs" && cat hacktricks-preprocessor-error.log && echo "" && echo "" && echo "Debug logs" && (cat hacktricks-preprocessor.log | tail -n 20) && exit 1) | |
| - name: Push search index to hacktricks-searchindex repo | |
| shell: bash | |
| env: | |
| PAT_TOKEN: ${{ secrets.PAT_TOKEN }} | |
| run: | | |
| set -euo pipefail | |
| ASSET="book/searchindex.js" | |
| TARGET_REPO="HackTricks-wiki/hacktricks-searchindex" | |
| FILENAME="searchindex-cloud-en.js" | |
| if [ ! -f "$ASSET" ]; then | |
| echo "Expected $ASSET to exist after build" >&2 | |
| exit 1 | |
| fi | |
| TOKEN="${PAT_TOKEN}" | |
| if [ -z "$TOKEN" ]; then | |
| echo "No PAT_TOKEN available" >&2 | |
| exit 1 | |
| fi | |
| # Clone the searchindex repo | |
| git clone https://x-access-token:${TOKEN}@github.com/${TARGET_REPO}.git /tmp/searchindex-repo | |
| cd /tmp/searchindex-repo | |
| git config user.name "GitHub Actions" | |
| git config user.email "[email protected]" | |
| # Create a fresh orphan branch (no history) | |
| git checkout --orphan new-main | |
| # Remove all existing files from git index | |
| git rm -rf . 2>/dev/null || true | |
| # Copy and compress the searchindex file | |
| cp "$ASSET" "${FILENAME}" | |
| gzip -9 -k -f "$ASSET" | |
| cp "${ASSET}.gz" "${FILENAME}.gz" | |
| # Show compression stats | |
| ORIGINAL_SIZE=$(wc -c < "$ASSET") | |
| COMPRESSED_SIZE=$(wc -c < "${ASSET}.gz") | |
| RATIO=$(awk "BEGIN {printf \"%.1f\", ($COMPRESSED_SIZE / $ORIGINAL_SIZE) * 100}") | |
| echo "Compression: ${ORIGINAL_SIZE} bytes -> ${COMPRESSED_SIZE} bytes (${RATIO}%)" | |
| # Add all files from other workflows (if they exist) | |
| git checkout main -- . 2>/dev/null || true | |
| # Add our new files (will overwrite if they existed) | |
| cp "$ASSET" "${FILENAME}" | |
| cp "${ASSET}.gz" "${FILENAME}.gz" | |
| # Create README if it doesn't exist | |
| if [ ! -f "README.md" ]; then | |
| echo "# HackTricks Search Index Repository" > README.md | |
| echo "" >> README.md | |
| echo "This repository contains searchindex files for HackTricks and HackTricks Cloud." >> README.md | |
| echo "Files are automatically generated and updated by GitHub Actions." >> README.md | |
| echo "" >> README.md | |
| echo "⚠️ This repository is reset periodically to keep history clean." >> README.md | |
| fi | |
| # Stage all files | |
| git add -A | |
| # Commit with timestamp | |
| TIMESTAMP=$(date -u +"%Y-%m-%d %H:%M:%S UTC") | |
| git commit -m "Update searchindex files - ${TIMESTAMP}" | |
| # Force push to replace main branch (deletes history) | |
| git push -f origin new-main:main | |
| echo "Successfully reset repository and pushed searchindex files" | |
| # Login in AWs | |
| - name: Configure AWS credentials using OIDC | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ROLE_ARN }} | |
| aws-region: us-east-1 | |
| # Sync the build to S3 | |
| - name: Sync to S3 | |
| run: aws s3 sync ./book s3://hacktricks-cloud/en --delete | |