Skip to content

Build Platform Docs #30

Build Platform Docs

Build Platform Docs #30

name: Build Platform Docs
on:
schedule:
- cron: "0 0 * * *"
workflow_dispatch:
push:
branches:
- platform-docs
env:
PLATFORM_CHANGELOG: "autodocs/platform-changelog.md"
jobs:
check-new-docs:
runs-on: ubuntu-latest
if: github.repository == 'chainguard-dev/edu'
permissions:
contents: read # reads from the repo
id-token: write # federates to talk to storage
outputs:
status: ${{ steps.compare-releases.outputs.status }}
latest: ${{ steps.compare-releases.outputs.latest }}
steps:
- name: 'Github Actions Runner'
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: 'Checkout default branch to $GITHUB_WORKSPACE dir'
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@62cf5bd3e4211a0a0b51f2c6d6a37129d828611d # v2.1.5
with:
service_account: "github-chainguard-academy@chainguard-academy.iam.gserviceaccount.com"
workload_identity_provider: "projects/456977358484/locations/global/workloadIdentityPools/chainguard-academy/providers/chainguard-edu"
- id: compare-releases
name: 'Compare published docs to upstream releases'
run: |
latest=$(gcloud storage cat \
"gs://chainguard-academy/enforce-changelog/changelog.md" | \
awk '/###/ {print $NF}' | \
head -n 1)
current=$(awk '/###/ {print $NF}' \
${{ env.PLATFORM_CHANGELOG }} | \
head -n 1)
if [ "$current" != "$latest" ]; then
echo "status=outdated" >> $GITHUB_OUTPUT
echo "latest=$latest" >> $GITHUB_OUTPUT
fi
- name: Post failure notice to Slack
uses: rtCamp/action-slack-notify@4e5fb42d249be6a45a298f3c9543b111b02f7907 # v2.3.0
if: ${{ failure() }}
env:
SLACK_ICON: http://github.com/chainguard-dev.png?size=48
SLACK_USERNAME: guardian
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
SLACK_CHANNEL: 'alerts-edu'
SLACK_COLOR: '#8E1600'
MSG_MINIMAL: 'true'
SLACK_TITLE: 'AutoDocs Platform failed - ${{ github.repository }}'
SLACK_MESSAGE: |
For detailed logs: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
integrate-platform-docs:
runs-on: ubuntu-latest
permissions:
contents: read # reads from the repo
id-token: write # federates with GCP and Sigstore
needs: check-new-docs
if: needs.check-new-docs.outputs.status == 'outdated'
steps:
- name: 'Github Actions Runner'
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: 'Checkout default branch to $GITHUB_WORKSPACE dir'
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: 'Setup gitsign'
uses: chainguard-dev/actions/setup-gitsign@main
- name: Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@62cf5bd3e4211a0a0b51f2c6d6a37129d828611d # v2.1.5
with:
service_account: "github-chainguard-academy@chainguard-academy.iam.gserviceaccount.com"
workload_identity_provider: "projects/456977358484/locations/global/workloadIdentityPools/chainguard-academy/providers/chainguard-edu"
- uses: ./.github/workflows/integrate-platform-docs
with:
project_id: "${{ secrets.PROJECT_ID }}"
storage_bucket: "${{ secrets.STORAGE_BUCKET }}"
platform_changelog: "${{ env.PLATFORM_CHANGELOG }}"
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
node-version: 16
- name: Update themes
run: git submodule update --init --recursive
- name: npm install
run: npm install
- name: npm run build
run: npm run build
- name: Set up Octo-STS
uses: chainguard-dev/octo-sts-action@6177b4481c00308b3839969c3eca88c96a91775f # v1.0.0
id: octo-sts
with:
scope: chainguard-dev/edu
identity: edu
- name: Create a PR
uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
id: cpr
with:
token: ${{ steps.octo-sts.outputs.token }}
commit-message: Update Images Reference
title: "[AutoDocs] Update Platform Docs"
body: "Platform docs ${{needs.check-new-docs.outputs.latest}} autocommit"
signoff: true
labels: |
documentation
platform
automated
assignees: erikaheidi
- name: Post failure notice to Slack
uses: rtCamp/action-slack-notify@4e5fb42d249be6a45a298f3c9543b111b02f7907 # v2.3.0
if: ${{ failure() }}
env:
SLACK_ICON: http://github.com/chainguard-dev.png?size=48
SLACK_USERNAME: guardian
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
SLACK_CHANNEL: 'alerts-edu'
SLACK_COLOR: '#8E1600'
MSG_MINIMAL: 'true'
SLACK_TITLE: 'AutoDocs Platform failed - ${{ github.repository }}'
SLACK_MESSAGE: |
For detailed logs: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}