mirror of
https://github.com/mandiant/capa.git
synced 2025-12-24 03:57:34 -08:00
135 lines
3.9 KiB
YAML
135 lines
3.9 KiB
YAML
name: deploy web to GitHub Pages
|
|
|
|
on:
|
|
push:
|
|
branches: [ master ]
|
|
paths:
|
|
- 'web/**'
|
|
|
|
# Allows to run this workflow manually from the Actions tab
|
|
workflow_dispatch:
|
|
|
|
# Sets the GITHUB_TOKEN permissions to allow deployment to GitHub Pages
|
|
permissions:
|
|
contents: read
|
|
pages: write
|
|
id-token: write
|
|
|
|
# Allow one concurrent deployment
|
|
concurrency:
|
|
group: 'pages'
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
build-landing-page:
|
|
name: Build landing page
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
- uses: actions/upload-artifact@v4
|
|
with:
|
|
name: landing-page
|
|
path: './web/public'
|
|
|
|
build-explorer:
|
|
name: Build capa Explorer Web
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
submodules: 'recursive'
|
|
fetch-depth: 1
|
|
show-progress: true
|
|
- name: Set up Node
|
|
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
|
|
with:
|
|
node-version: 20
|
|
cache: 'npm'
|
|
cache-dependency-path: './web/explorer/package-lock.json'
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
working-directory: ./web/explorer
|
|
- name: Generate release bundle
|
|
run: npm run build:bundle
|
|
working-directory: ./web/explorer
|
|
- name: Zip release bundle
|
|
run: zip -r public/capa-explorer-web.zip capa-explorer-web
|
|
working-directory: ./web/explorer
|
|
- name: Build
|
|
run: npm run build
|
|
working-directory: ./web/explorer
|
|
- uses: actions/upload-artifact@v4
|
|
with:
|
|
name: explorer
|
|
path: './web/explorer/dist'
|
|
|
|
build-rules:
|
|
name: Build rules site
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Check out the repository
|
|
uses: actions/checkout@v4
|
|
with:
|
|
submodules: 'recursive'
|
|
# full depth so that capa-rules has a full history
|
|
# and we can construct a timeline of rule updates.
|
|
fetch-depth: 0
|
|
- name: Set up Python
|
|
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
|
|
with:
|
|
python-version: '3.12'
|
|
- uses: extractions/setup-just@v2
|
|
- name: Install pagefind
|
|
uses: supplypike/setup-bin@v4
|
|
with:
|
|
uri: "https://github.com/CloudCannon/pagefind/releases/download/v1.1.0/pagefind-v1.1.0-x86_64-unknown-linux-musl.tar.gz"
|
|
name: "pagefind"
|
|
version: "1.1.0"
|
|
- name: Install dependencies
|
|
working-directory: ./web/rules
|
|
run: pip install -r requirements.txt
|
|
- name: Build the website
|
|
working-directory: ./web/rules
|
|
run: just build
|
|
- name: Index the website
|
|
working-directory: ./web/rules
|
|
run: pagefind --site "public"
|
|
# upload the build website to artifacts
|
|
# so that we can download and inspect, if desired.
|
|
- uses: actions/upload-artifact@v4
|
|
with:
|
|
name: rules
|
|
path: './web/rules/public'
|
|
|
|
deploy:
|
|
name: Deploy site to GitHub Pages
|
|
environment:
|
|
name: github-pages
|
|
url: ${{ steps.deployment.outputs.page_url }}
|
|
runs-on: ubuntu-latest
|
|
needs: [build-landing-page, build-explorer, build-rules]
|
|
steps:
|
|
- uses: actions/download-artifact@v4
|
|
with:
|
|
name: landing-page
|
|
path: './public/'
|
|
- uses: actions/download-artifact@v4
|
|
with:
|
|
name: explorer
|
|
path: './public/explorer'
|
|
- uses: actions/download-artifact@v4
|
|
with:
|
|
name: rules
|
|
path: './public/rules'
|
|
- name: Setup Pages
|
|
uses: actions/configure-pages@v4
|
|
- name: Upload artifact
|
|
uses: actions/upload-pages-artifact@v3
|
|
with:
|
|
path: './public'
|
|
- name: Deploy to GitHub Pages
|
|
id: deployment
|
|
uses: actions/deploy-pages@v4
|