Restrict token permissions and add OpenSSF badge to repository (#100) #43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Deploy Documentation | |
| on: | |
| push: | |
| branches: ["main"] | |
| workflow_dispatch: | |
| env: | |
| PUBLIC_SIMICS_PKGS_URL: "https://registrationcenter-download.intel.com/akdlm/IRC_NAS/ead79ef5-28b5-48c7-8d1f-3cde7760798f/simics-6-packages-2024-05-linux64.ispm" | |
| PUBLIC_SIMICS_ISPM_URL: "https://registrationcenter-download.intel.com/akdlm/IRC_NAS/ead79ef5-28b5-48c7-8d1f-3cde7760798f/intel-simics-package-manager-1.8.3-linux64.tar.gz" | |
| PUBLIC_SIMICS_PACKAGE_VERSION_1000: "6.0.185" | |
| permissions: | |
| contents: read | |
| pages: write | |
| id-token: write | |
| concurrency: | |
| group: "pages" | |
| cancel-in-progress: false | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: github-pages | |
| url: ${{ steps.deployment.outputs.page_url }} | |
| steps: | |
| - name: Add ISPM to PATH | |
| run: | | |
| echo "${HOME}/simics/ispm/" >> "${GITHUB_PATH}" | |
| - name: Install Dependencies | |
| run: | | |
| sudo apt-get -y update && \ | |
| sudo apt-get -y install curl | |
| - uses: actions/checkout@v4 | |
| - uses: dtolnay/rust-toolchain@nightly | |
| - name: Install mdBook | |
| run: | | |
| cargo install mdbook mdbook-linkcheck | |
| - name: Build mdBook | |
| run: | | |
| pushd docs || exit 1 | |
| mdbook build | |
| popd || exit 1 | |
| - name: Cache SIMICS Dependencies | |
| id: cache-simics-packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/simics | |
| key: simics-linux-${{ env.PUBLIC_SIMICS_PACKAGE_VERSION_1000 }} | |
| - name: Install SIMICS (External) | |
| if: ${{ steps.cache-simics-packages.outputs.cache-hit != 'true' }} | |
| run: | | |
| mkdir -p "${HOME}/simics/ispm/" && \ | |
| curl --noproxy '*.intel.com' -L -o "${HOME}/simics/ispm.tar.gz" \ | |
| "${{ env.PUBLIC_SIMICS_ISPM_URL }}" && \ | |
| curl --noproxy '*.intel.com' -L -o "${HOME}/simics/simics.ispm" \ | |
| "${{ env.PUBLIC_SIMICS_PKGS_URL }}" && \ | |
| tar -C "${HOME}/simics/ispm" --strip-components=1 \ | |
| -xvf "${HOME}/simics/ispm.tar.gz" | |
| - name: Set up SIMICS Install Directory | |
| run: | | |
| ispm settings install-dir "${HOME}/simics" | |
| - name: Install SIMICS Packages | |
| if: ${{ steps.cache-simics-packages.outputs.cache-hit != 'true' }} | |
| run: | | |
| ispm packages --install-bundle "${HOME}/simics/simics.ispm" \ | |
| --non-interactive --trust-insecure-packages | |
| - name: Generate SIMICS Documentation | |
| run: | | |
| ispm projects "$(pwd)" --create --ignore-existing-files --non-interactive | |
| ./documentation -o docs/book/html/simics --dont-open --project "$(pwd)" | |
| - name: Generate Crate Documentation | |
| run: | | |
| SIMICS_BASE="${HOME}/simics/simics-${{ env.PUBLIC_SIMICS_PACKAGE_VERSION_1000 }}" RUSTDOCFLAGS="--enable-index-page -Zunstable-options" TSFFS_TESTS_SKIP_BUILD=1 cargo doc --document-private-items --workspace --no-deps | |
| cp -a target/doc/ docs/book/html/crates/ | |
| - name: Set Documentation Permissions | |
| run: | | |
| sudo chown -R "$USER:$USER" docs | |
| sudo chmod -R 755 docs | |
| sudo chmod -c -R +rX docs/ | while read -r line; do | |
| echo "::warning title=Invalid file permissions automatically fixed::$line" | |
| done | |
| - name: Setup Pages | |
| uses: actions/configure-pages@v3 | |
| - name: Upload artifact | |
| uses: actions/upload-pages-artifact@v2 | |
| with: | |
| path: "./docs/book/html/" | |
| - name: Deploy to GitHub Pages | |
| id: deployment | |
| uses: actions/deploy-pages@v2 |