Merge pull request #27 from sonatype-nexus-community/roles #68
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Sample workflow for building and deploying a Hugo site to GitHub Pages | |
| name: Build & Validate Hugo Site | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages | |
| permissions: | |
| contents: read | |
| pages: write | |
| id-token: write | |
| # Default to bash | |
| defaults: | |
| run: | |
| shell: bash | |
| # Env Vars | |
| env: | |
| HUGO_VERSION: 0.128.0 | |
| jobs: | |
| # Build job | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Install Hugo CLI | |
| run: | | |
| wget -O ${{ runner.temp }}/hugo.deb https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_extended_${HUGO_VERSION}_linux-amd64.deb \ | |
| && sudo dpkg -i ${{ runner.temp }}/hugo.deb | |
| - name: Install Dart Sass | |
| run: sudo snap install dart-sass | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| fetch-depth: 0 | |
| - name: Setup Pages | |
| id: pages | |
| uses: actions/configure-pages@v5 | |
| - name: Install Node.js dependencies | |
| run: | |
| '[[ -f package-lock.json || -f npm-shrinkwrap.json ]] && npm ci || | |
| true' | |
| - name: Build with Hugo | |
| env: | |
| HUGO_CACHEDIR: ${{ runner.temp }}/hugo_cache | |
| HUGO_ENVIRONMENT: production | |
| TZ: Etc/UTC | |
| run: | | |
| hugo \ | |
| --gc \ | |
| --minify \ | |
| --baseURL "${{ steps.pages.outputs.base_url }}/" | |
| code_quality: | |
| name: Code Quality | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| with: | |
| # Disabling shallow clone is recommended for improving relevancy of reporting | |
| fetch-depth: 0 | |
| - name: Install Node.js dependencies | |
| run: | |
| '[[ -f package-lock.json || -f npm-shrinkwrap.json ]] && npm install | |
| --production || true' | |
| - name: Sonatype Lifecycle Evaluation | |
| id: evaluate | |
| uses: sonatype/actions/[email protected] | |
| with: | |
| iq-server-url: ${{ vars.SONATYPE_PLATFORM_URL }} | |
| username: ${{ secrets.SONATYPE_LIFECYCLE_USERNAME }} | |
| password: ${{ secrets.SONATYPE_LIFECYCLE_PASSWORD }} | |
| application-id: 'community-handbook.sonatype.com' | |
| scan-targets: '.' |