33 - push
44 - pull_request
55jobs :
6- tools_changed :
6+ tools-changed :
77 continue-on-error : true
88 runs-on : ubuntu-22.04
99 outputs :
@@ -16,16 +16,48 @@ jobs:
1616 skip_after_successful_duplicate : " true"
1717 paths : ' ["code/**"]'
1818 do_not_skip : ' ["push", "workflow_dispatch", "schedule"]'
19- check_nix :
19+ check-nix :
2020 name : Check nix build
21- needs : tools_changed
21+ needs : tools-changed
2222 if : ${{ needs.tools_changed.outputs.should_skip != 'true' }}
2323 uses : ./.github/workflows/call-nix.yml
2424 check-advisories :
2525 name : Invoke check-advisories workflow
2626 if : ${{ needs.tools_changed.outputs.should_skip != 'true' }}
27- needs : check_nix
27+ needs : check-nix
2828 uses : ./.github/workflows/call-check-advisories.yml
2929 with :
3030 fetch-key : hsec-tools-${{ github.sha }}
3131 is-artifact : true
32+ generate-website :
33+ name : Generate advisories website
34+ if : ${{ github.ref == 'refs/heads/dev' }}
35+ needs : check-advisories
36+ runs-on : ubuntu-22.04
37+ steps :
38+ - uses : actions/checkout@v4
39+ with :
40+ path : source
41+ # We need to retrieve full history to determine the correct
42+ # `published` and `modified` timestamps
43+ fetch-depth : 0
44+ - run : mkdir -p ~/.local/dockerImages
45+ - name : Fetch artifact
46+ uses : actions/download-artifact@v3
47+ with :
48+ name : hsec-tools-${{ github.sha }}
49+ path : ~/.local/dockerImages
50+ - run : docker load -i ~/.local/dockerImages/hsec-tools
51+ - name : Generate the website
52+ run : |
53+ mkdir public
54+ docker run --rm -v $PWD:/repo --workdir /repo haskell/hsec-tools:latest /bin/hsec-tools generate-index . public
55+ cp public/by-dates.html public/index.html
56+ name : Deploy
57+ uses : s0/git-publish-subdir-action@develop
58+ env :
59+ REPO : self
60+ BRANCH : generated/gh-pages
61+ FOLDER : public
62+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
63+ SQUASH_HISTORY : true
0 commit comments