Add a vendor assessement to the security page. (#774) #529
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test | |
on: | |
push: | |
branches: [ master, main ] | |
pull_request: | |
branches: [ master, main ] | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
name: Build Jekyll site for testing | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Build the site in the Jekyll/builder container | |
run: | | |
docker run \ | |
-v ${{ github.workspace }}:/srv/jekyll -v ${{ github.workspace }}/_site:/srv/jekyll/_site \ | |
jekyll/builder:latest /bin/bash -c "chmod -R 777 /srv/jekyll && jekyll build --future" | |
- name: List result of Jekyll build | |
run: | | |
ls _site/ -l | |
ls _site/assets -l | |
# - name: Copy assets | |
# run: cp -r assets _site/assets | |
- name: Publish built site | |
uses: actions/upload-artifact@v4 | |
with: | |
name: Built site ${{ github.run_number }} | |
path: ./_site | |
if-no-files-found: error | |
validate: | |
runs-on: ubuntu-latest | |
name: Validate HTML | |
needs: [build] | |
steps: | |
- name: Fetch built site | |
uses: actions/download-artifact@v4 | |
with: | |
name: Built site ${{ github.run_number }} | |
path: ./_site | |
- name: HTML5 Validator | |
uses: Cyb3r-Jak3/[email protected] | |
with: | |
root: _site/ | |
skip_git_check: true | |
check-links: | |
runs-on: ubuntu-latest | |
name: Check links | |
needs: [build] | |
steps: | |
- name: Fetch built site | |
uses: actions/download-artifact@v4 | |
with: | |
name: Built site ${{ github.run_number }} | |
path: ./_site | |
- name: Install link check dependencies | |
run: pip install pytest-check-links | |
# TODO: we are not checking absolute links as pytest plugins does not support them | |
# ignore github requests as we get 429 too many requests checking GitHub user profiles in about.html | |
# ignore opensource.org since we are getting a 403 forbidden from this check run on github | |
- name: Check links | |
run: | | |
pytest _site/ --check-links \ | |
--check-links-ignore "https://.*linkedin.com/.*" \ | |
--check-links-ignore "/" \ | |
--check-links-ignore "https://www.nyu.edu/" \ | |
--check-links-ignore ".github/images/netlify-preview.png" \ | |
--check-links-ignore ".*help.medium.com.*" \ | |
--check-links-ignore "https://twitter.com/.*" \ | |
--check-links-ignore "https://jupytercon.com" \ | |
--check-links-ignore "https://www.netapp.com" \ | |
--check-links-ignore "https://github.com/[^/]+/?$" \ | |
--check-links-ignore "https://opensource.org/licenses/BSD-3-Clause" | |
lighthouse: | |
runs-on: ubuntu-latest | |
name: Audit with Lighthouse | |
needs: [build] | |
steps: | |
- name: Fetch repository for `lighthouserc.json` | |
uses: actions/checkout@v2 | |
- name: Fetch built site | |
uses: actions/download-artifact@v4 | |
with: | |
name: Built site ${{ github.run_number }} | |
path: ./_site | |
- name: Audit with Lighthouse | |
uses: treosh/lighthouse-ci-action@v10 | |
with: | |
configPath: ".github/workflows/lighthouserc.json" | |
temporaryPublicStorage: true | |
uploadArtifacts: true | |
# Multiple runs for more stable results. If builds are too slow, we can try to reduce this. | |
runs: 4 |