-
Notifications
You must be signed in to change notification settings - Fork 161
91 lines (76 loc) · 2.4 KB
/
content-checks.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
name: Check Code Quality
on:
# run once a day at 6AM UTC
schedule:
- cron: '0 6 * * *'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
check_content:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: true
fetch-depth: 0
- name: Setup Hugo
uses: peaceiris/actions-hugo@v3
with:
hugo-version: '0.130.0'
extended: true
- name: Build
run: |
hugo --minify
bin/pagefind --site "public"
- name: Check HTML links
continue-on-error: true
run: bin/htmltest -c .htmltest.yml -s 2>&1 | tee htmltest.log
- name: HTML test results
uses: actions/upload-artifact@v4
with:
name: htmltest-report
path: htmltest.log
retention-days: 5 # Default is 90 days
- name: Spell check
continue-on-error: true
uses: rojopolis/spellcheck-github-actions@0.40.0
with:
config_path: .spellcheck.yml
task_name: Markdown
output_file: spellcheck-output.txt
- name: Refine spelling results
continue-on-error: true
run: tools/process-spelling.sh
- name: Spelling results
uses: actions/upload-artifact@v4
with:
name: spellcheck-output
path: spellcheck-output.txt
retention-days: 5 # Default is 90 days
- name: Scan for malware
run: |
tools/install-scan.sh
clamscan -r -i public -l scanlog
- name: Scan results
uses: actions/upload-artifact@v4
with:
name: clamscan-log
path: scanlog
retention-days: 5 # Default is 90 days
- name: Azure DevOps Security Scan
uses: actions/setup-dotnet@v4
with:
dotnet-version: |
5.0.x
6.0.x
- name: Run Microsoft Security DevOps
uses: microsoft/security-devops-action@latest
id: msdo
with:
tools: container-mapping, bandit, eslint, templateanalyzer
- name: Upload results to Security tab
uses: actions/upload-artifact@v4
with:
path: ${{ steps.msdo.outputs.sarifFile }}
retention-days: 5 # Default is 90 days