docs: Added new recommendations for Azure bastion hosts (#586) #460
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Workflow for building and deploying a Hugo site to GitHub Pages | |
| name: Deploy Hugo site to Pages | |
| on: | |
| # Runs on pushes targeting the default branch | |
| push: | |
| branches: | |
| - main | |
| - dev-tools | |
| paths: | |
| - "docs/**" | |
| - "azure-resources/**/recommendations.yaml" | |
| - "azure-resources/**/*.md" | |
| - "azure-specialized-workloads/**/recommendations.yaml" | |
| - "azure-specialized-workloads/**/*.md" | |
| - "azure-waf/**/recommendations.yaml" | |
| - "azure-waf/**/*.md" | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: {} | |
| permissions: | |
| contents: read | |
| # Allow one concurrent deployment | |
| concurrency: | |
| group: "pages" | |
| cancel-in-progress: true | |
| # Default to bash | |
| defaults: | |
| run: | |
| shell: bash | |
| jobs: | |
| # Build job | |
| build: | |
| runs-on: ubuntu-latest | |
| env: | |
| HUGO_VERSION: 0.140.0 | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 | |
| with: | |
| egress-policy: audit | |
| - name: Install Hugo CLI | |
| run: | | |
| wget -O ${{ runner.temp }}/hugo.deb https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_extended_${HUGO_VERSION}_linux-amd64.deb \ | |
| && sudo dpkg -i ${{ runner.temp }}/hugo.deb | |
| - name: Install Dart Sass Embedded | |
| run: sudo snap install dart-sass-embedded | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| submodules: recursive | |
| fetch-depth: 0 | |
| - name: Setup Python | |
| uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 | |
| with: | |
| python-version: "3.12" # install the python version needed | |
| - name: Setup Pages | |
| id: pages | |
| uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0 | |
| - name: Install Node.js dependencies | |
| run: "[[ -f package-lock.json || -f npm-shrinkwrap.json ]] && npm ci || true" | |
| - name: Build with Hugo | |
| env: | |
| # For maximum backward compatibility with Hugo modules | |
| HUGO_ENVIRONMENT: production | |
| HUGO_ENV: production | |
| run: | | |
| hugo \ | |
| --gc \ | |
| --minify \ | |
| --baseURL "${{ steps.pages.outputs.base_url }}/" | |
| working-directory: . | |
| - name: Upload artifact | |
| uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1 | |
| with: | |
| path: ./public | |
| # Deployment job | |
| deploy: | |
| permissions: | |
| pages: write | |
| id-token: write | |
| environment: | |
| name: github-pages | |
| url: ${{ steps.deployment.outputs.page_url }} | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 | |
| with: | |
| egress-policy: audit | |
| - name: Deploy to GitHub Pages | |
| id: deployment | |
| uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5 |