Reference links/practices added to Safe C++ CG FAQ (#398) #748

Workflow file for this run

.github/workflows/publish.yml at d91a92e

	#
	# Copyright (c) 2024 The C++ Alliance, Inc. (https://cppalliance.org)
	#
	# Distributed under the Boost Software License, Version 1.0. (See accompanying
	# file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
	#
	# Official repository: https://github.com/boostorg/website-v2-docs
	#
	name: Build, Test and Upload Antora Docs
	on:
	push:
	branches:
	- '*'
	pull_request:
	branches:
	- master
	- develop
	workflow_dispatch:

	concurrency:
	group: ${{format('publish-{0}:{1}', github.repository, github.ref)}}
	cancel-in-progress: true

	jobs:
	build:
	strategy:
	fail-fast: false
	matrix:
	include:
	- { name: 'Ubuntu', os: ubuntu-22.04, publish: true }
	- { name: 'Windows', os: windows-2022 }
	- { name: 'MacOS', os: macos-latest }
	name: Publish Antora Docs (${{ matrix.name }})
	runs-on: ${{ matrix.os }}
	defaults:
	run:
	shell: bash
	steps:
	- name: Set environment for branches
	run: \|
	if [[ $GITHUB_REF == 'refs/heads/master' ]]; then
	echo "FASTLY_SERVICE_ID_1=${{ secrets.FASTLY_SERVICE_ID_PRODUCTION_1 }}" >> "$GITHUB_ENV"
	echo "FASTLY_SERVICE_ID_2=${{ secrets.FASTLY_SERVICE_ID_PRODUCTION_2 }}" >> "$GITHUB_ENV"
	elif [[ $GITHUB_REF == 'refs/heads/develop' ]]; then
	echo "FASTLY_SERVICE_ID_1=${{ secrets.FASTLY_SERVICE_ID_STAGE_1 }}" >> "$GITHUB_ENV"
	echo "FASTLY_SERVICE_ID_2=${{ secrets.FASTLY_SERVICE_ID_STAGE_2 }}" >> "$GITHUB_ENV"
	elif [[ $GITHUB_REF == 'refs/heads/cppal-dev' ]]; then
	# cppal-dev is a test branch in another fork. Doesn't need to be created in the main repo.
	echo "FASTLY_SERVICE_ID_1=${{ secrets.FASTLY_SERVICE_ID_CPPAL_DEV_1 }}" >> "$GITHUB_ENV"
	echo "FASTLY_SERVICE_ID_2=${{ secrets.FASTLY_SERVICE_ID_CPPAL_DEV_2 }}" >> "$GITHUB_ENV"
	fi

	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 10

	- name: Environment
	id: build
	shell: bash
	run: \|
	# Involved IDs
	before_id="${{ (github.event_name == 'pull_request' && github.event.pull_request.base.sha) \|\| github.event.before }}"
	after_id="${{ (github.event_name == 'pull_request' && github.event.pull_request.head.sha) \|\| github.event.after }}"

	# Sanitize before ID
	if ! git cat-file -e "$before_id" >/dev/null 2>&1; then
	echo "before_id is invalid"
	before_id=$(git rev-parse HEAD^)
	echo "before_id is now $before_id"
	fi

	if [ ${{ github.event_name }} = 'workflow_dispatch' ]; then
	# Assume anything might have changed
	changed_ui=true
	changed_ext=true
	changed_actions=true
	changed_libs=true
	changed_packages=true
	elif git cat-file -e "$before_id" >/dev/null 2>&1; then
	# Before ID is valid, compare files
	changed_files=$(git diff --name-only "$before_id" "$after_id" \| tr '\n' ' ')
	changed_ui=$(echo "$changed_files" \| grep -q "antora-ui/" && echo true \|\| echo false)
	changed_ext=$(echo "$changed_files" \| grep -q "extensions/" && echo true \|\| echo false)
	changed_actions=$(echo "$changed_files" \| grep -q ".github/" && echo true \|\| echo false)
	changed_libs=$(echo "$changed_files" \| grep -q "libs.playbook.yml" && echo true \|\| echo false)
	changed_packages=$(echo "$changed_files" \| grep -q "package.json" && echo true \|\| echo false)
	else
	# Assume anything might have changed
	changed_ui=true
	changed_ext=true
	changed_actions=true
	changed_libs=true
	changed_packages=true
	fi

	set -x

	# Only build lib playbook if it changed
	if [ "$changed_ui" = true ] \|\| [ "$changed_ext" = true ] \|\| [ "$changed_libs" = true ] \|\| [ "$changed_actions" = true ] \|\| [ "$changed_packages" = true ]; then
	echo "build-libs=true" >> $GITHUB_OUTPUT
	else
	echo "build-libs=false" >> $GITHUB_OUTPUT
	fi

	- name: Build sitedocs
	shell: bash
	run: \|
	set -x
	BOOSTLOOK_BRANCH="${{ (startsWith(github.ref, 'refs/heads/develop') && 'develop') \|\| 'master' }}"
	export BOOSTLOOK_BRANCH
	./build.sh

	- name: Setup Ninja
	uses: seanmiddleditch/gha-setup-ninja@v4
	if: ${{ runner.os == 'Windows' && steps.build.outputs.build-libs == 'true' }}

	- name: Identify Boost Modules
	if: steps.build.outputs.build-libs == 'true'
	run: \|
	grep -o 'https://github.com/boostorg/[a-zA-Z0-9_-]*' libs.playbook.yml \| sed 's/https:\/\/github.com\/boostorg\///' \| grep -v -e 'website-v2-docs' -e 'boost' \| tr '\n' ' ' > boost_modules.txt
	boost_modules=$(cat boost_modules.txt)
	echo "boost-modules=$boost_modules" >> $GITHUB_OUTPUT
	id: boost-modules

	- name: Clone Boost
	uses: alandefreitas/cpp-actions/[email protected]
	if: steps.build.outputs.build-libs == 'true'
	id: boost-clone
	with:
	branch: ${{ (github.ref_name == 'master' && github.ref_name) \|\| 'develop' }}
	modules: ${{ steps.boost-modules.outputs.boost-modules }}

	- name: Build Libs
	if: steps.build.outputs.build-libs == 'true'
	shell: bash
	run: \|
	set -e
	set -x
	BOOST_SRC_DIR="${{ steps.boost-clone.outputs.boost-dir }}"
	export BOOST_SRC_DIR
	./libdoc.sh "${{ (startsWith(github.ref, 'refs/heads/develop') && 'develop') \|\| 'master' }}"

	- name: Remove Libs from build
	if: steps.build.outputs.build-libs == 'true'
	shell: bash
	working-directory: build
	run: \|
	set -e
	set -x
	find "lib" -mindepth 1 -maxdepth 1 -type d -exec rm -r {} +
	# find "cpp-reference-extension" -mindepth 1 -maxdepth 1 -type d -exec rm -r {} +

	# - name: AWS Sync site-docs (revsys cluster)
	# if: matrix.publish && (github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/develop') && github.event_name == 'push' && github.repository == 'boostorg/website-v2-docs'
	# uses: jakejarvis/s3-sync-action@master
	# with:
	# args: --follow-symlinks --delete --exclude '.git/' --exclude 'build/lib/'
	# env:
	# AWS_S3_BUCKET: ${{ secrets.REVSYS_BUCKET }}
	# AWS_ACCESS_KEY_ID: ${{ secrets.REVSYS_KEY_ID }}
	# AWS_SECRET_ACCESS_KEY: ${{ secrets.REVSYS_ACCESS_KEY }}
	# AWS_REGION: 'us-east-2'
	# SOURCE_DIR: build/
	# DEST_DIR: ${{ format('site-docs/{0}', github.ref_name) }}

	- name: AWS Sync site-docs (production on GKE)
	if: matrix.publish && (github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/develop') && github.event_name == 'push' && github.repository == 'boostorg/website-v2-docs'
	uses: jakejarvis/s3-sync-action@master
	with:
	args: --follow-symlinks --delete --exclude '.git/' --exclude 'build/lib/'
	env:
	AWS_S3_BUCKET: ${{ secrets.BOOST_PRODUCTION_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ secrets.BOOST_PRODUCTION_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.BOOST_PRODUCTION_ACCESS_KEY }}
	AWS_REGION: 'us-east-2'
	SOURCE_DIR: build/
	DEST_DIR: ${{ format('site-docs/{0}', github.ref_name) }}

	- name: AWS Sync site-docs (staging on GKE)
	if: matrix.publish && (github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/develop') && github.event_name == 'push' && github.repository == 'boostorg/website-v2-docs'
	uses: jakejarvis/s3-sync-action@master
	with:
	args: --follow-symlinks --delete --exclude '.git/' --exclude 'build/lib/'
	env:
	AWS_S3_BUCKET: ${{ secrets.BOOST_STAGE_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ secrets.BOOST_STAGE_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.BOOST_STAGE_ACCESS_KEY }}
	AWS_REGION: 'us-east-2'
	SOURCE_DIR: build/
	DEST_DIR: ${{ format('site-docs/{0}', github.ref_name) }}

	- name: AWS Sync site-docs (cppal_dev on GKE)
	if: matrix.publish && (github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/develop') && github.event_name == 'push' && github.repository == 'boostorg/website-v2-docs'
	uses: jakejarvis/s3-sync-action@master
	with:
	args: --follow-symlinks --delete --exclude '.git/' --exclude 'build/lib/'
	env:
	AWS_S3_BUCKET: ${{ secrets.CPPAL_DEV_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ secrets.CPPAL_DEV_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.CPPAL_DEV_ACCESS_KEY }}
	AWS_REGION: 'us-east-2'
	SOURCE_DIR: build/
	DEST_DIR: ${{ format('site-docs/{0}', github.ref_name) }}


	# - name: AWS Sync site-pages (revsys cluster)
	# if: matrix.publish && (github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/develop') && github.event_name == 'push' && github.repository == 'boostorg/website-v2-docs'
	# uses: jakejarvis/s3-sync-action@master
	# with:
	# args: --follow-symlinks --delete --exclude '.git/' --exclude 'build/lib/'
	# env:
	# AWS_S3_BUCKET: ${{ secrets.REVSYS_BUCKET }}
	# AWS_ACCESS_KEY_ID: ${{ secrets.REVSYS_KEY_ID }}
	# AWS_SECRET_ACCESS_KEY: ${{ secrets.REVSYS_ACCESS_KEY }}
	# AWS_REGION: 'us-east-2'
	# SOURCE_DIR: site-pages/
	# DEST_DIR: ${{ format('site-pages/{0}', github.ref_name) }}

	- name: AWS Sync site-pages (production on GKE)
	if: matrix.publish && (github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/develop') && github.event_name == 'push' && github.repository == 'boostorg/website-v2-docs'
	uses: jakejarvis/s3-sync-action@master
	with:
	args: --follow-symlinks --delete --exclude '.git/' --exclude 'build/lib/'
	env:
	AWS_S3_BUCKET: ${{ secrets.BOOST_PRODUCTION_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ secrets.BOOST_PRODUCTION_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.BOOST_PRODUCTION_ACCESS_KEY }}
	AWS_REGION: 'us-east-2'
	SOURCE_DIR: site-pages/
	DEST_DIR: ${{ format('site-pages/{0}', github.ref_name) }}

	- name: AWS Sync site-pages (staging on GKE)
	if: matrix.publish && (github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/develop') && github.event_name == 'push' && github.repository == 'boostorg/website-v2-docs'
	uses: jakejarvis/s3-sync-action@master
	with:
	args: --follow-symlinks --delete --exclude '.git/' --exclude 'build/lib/'
	env:
	AWS_S3_BUCKET: ${{ secrets.BOOST_STAGE_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ secrets.BOOST_STAGE_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.BOOST_STAGE_ACCESS_KEY }}
	AWS_REGION: 'us-east-2'
	SOURCE_DIR: site-pages/
	DEST_DIR: ${{ format('site-pages/{0}', github.ref_name) }}

	- name: AWS Sync site-pages (cppal_dev on GKE)
	if: matrix.publish && (github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/develop') && github.event_name == 'push' && github.repository == 'boostorg/website-v2-docs'
	uses: jakejarvis/s3-sync-action@master
	with:
	args: --follow-symlinks --delete --exclude '.git/' --exclude 'build/lib/'
	env:
	AWS_S3_BUCKET: ${{ secrets.CPPAL_DEV_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ secrets.CPPAL_DEV_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.CPPAL_DEV_ACCESS_KEY }}
	AWS_REGION: 'us-east-2'
	SOURCE_DIR: site-pages/
	DEST_DIR: ${{ format('site-pages/{0}', github.ref_name) }}

	- name: AWS Sync release-notes (production on GKE)
	if: matrix.publish && (github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/develop') && github.event_name == 'push' && github.repository == 'boostorg/website-v2-docs'
	uses: jakejarvis/s3-sync-action@master
	with:
	args: --follow-symlinks --delete --exclude '.git/' --exclude 'build/lib/'
	env:
	AWS_S3_BUCKET: ${{ secrets.BOOST_PRODUCTION_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ secrets.BOOST_PRODUCTION_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.BOOST_PRODUCTION_ACCESS_KEY }}
	AWS_REGION: 'us-east-2'
	SOURCE_DIR: release-notes/
	DEST_DIR: ${{ format('release-notes/{0}', github.ref_name) }}

	- name: AWS Sync release-notes (staging on GKE)
	if: matrix.publish && (github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/develop') && github.event_name == 'push' && github.repository == 'boostorg/website-v2-docs'
	uses: jakejarvis/s3-sync-action@master
	with:
	args: --follow-symlinks --delete --exclude '.git/' --exclude 'build/lib/'
	env:
	AWS_S3_BUCKET: ${{ secrets.BOOST_STAGE_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ secrets.BOOST_STAGE_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.BOOST_STAGE_ACCESS_KEY }}
	AWS_REGION: 'us-east-2'
	SOURCE_DIR: release-notes/
	DEST_DIR: ${{ format('release-notes/{0}', github.ref_name) }}

	- name: AWS Sync release-notes (cppal_dev on GKE)
	if: matrix.publish && (github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/develop') && github.event_name == 'push' && github.repository == 'boostorg/website-v2-docs'
	uses: jakejarvis/s3-sync-action@master
	with:
	args: --follow-symlinks --delete --exclude '.git/' --exclude 'build/lib/'
	env:
	AWS_S3_BUCKET: ${{ secrets.CPPAL_DEV_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ secrets.CPPAL_DEV_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.CPPAL_DEV_ACCESS_KEY }}
	AWS_REGION: 'us-east-2'
	SOURCE_DIR: release-notes/
	DEST_DIR: ${{ format('release-notes/{0}', github.ref_name) }}

	- name: Purge CDN cache
	if: matrix.publish
	run: \|
	set -xe
	# Clears files selected by the Surrogate Key "deployment", which can be adjusted in the VCL.
	if [ -n "${{ env.FASTLY_SERVICE_ID_1 }}" ]; then
	curl -X POST -H 'Fastly-Soft-Purge:1' -H "Fastly-Key: ${{ secrets.FASTLY_TOKEN }}" -H 'Accept: application/json' https://api.fastly.com/service/${{ env.FASTLY_SERVICE_ID_1 }}/purge/deployment
	fi
	if [ -n "${{ env.FASTLY_SERVICE_ID_2 }}" ]; then
	curl -X POST -H 'Fastly-Soft-Purge:1' -H "Fastly-Key: ${{ secrets.FASTLY_TOKEN }}" -H 'Accept: application/json' https://api.fastly.com/service/${{ env.FASTLY_SERVICE_ID_2 }}/purge/deployment
	fi

	- name: Publish Releases as Artifacts
	if: matrix.publish && github.event_name == 'push'
	uses: actions/upload-artifact@v4
	with:
	name: site-docs
	path: build

	- uses: softprops/action-gh-release@v1
	if: matrix.publish && startsWith(github.ref, 'refs/tags/boost-')
	with:
	files: \|
	build/${{ github.ref_name }}.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Reference links/practices added to Safe C++ CG FAQ (#398) #748

Workflow file

Reference links/practices added to Safe C++ CG FAQ (#398) #748

Jobs

Run details

Workflow file for this run