Check Code Quality #540
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Check Code Quality | |
on: | |
# run once a day at 6AM UTC | |
schedule: | |
- cron: '0 6 * * *' | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
jobs: | |
check_content: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: true | |
fetch-depth: 0 | |
- name: Setup Hugo | |
uses: peaceiris/actions-hugo@v3 | |
with: | |
hugo-version: '0.130.0' | |
extended: true | |
- name: Build | |
run: | | |
hugo --minify | |
bin/pagefind --site "public" | |
- name: Check HTML links | |
continue-on-error: true | |
run: bin/htmltest -c .htmltest.yml -s 2>&1 | tee htmltest.log | |
- name: HTML test results | |
uses: actions/upload-artifact@v4 | |
with: | |
name: htmltest-report | |
path: htmltest.log | |
retention-days: 5 # Default is 90 days | |
- name: Spell check | |
continue-on-error: true | |
uses: rojopolis/spellcheck-github-actions@0.40.0 | |
with: | |
config_path: .spellcheck.yml | |
task_name: Markdown | |
output_file: spellcheck-output.txt | |
- name: Refine spelling results | |
continue-on-error: true | |
run: tools/process-spelling.sh | |
- name: Spelling results | |
uses: actions/upload-artifact@v4 | |
with: | |
name: spellcheck-output | |
path: spellcheck-output.txt | |
retention-days: 5 # Default is 90 days | |
- name: Scan for malware | |
run: | | |
tools/install-scan.sh | |
clamscan -r -i public -l scanlog | |
- name: Scan results | |
uses: actions/upload-artifact@v4 | |
with: | |
name: clamscan-log | |
path: scanlog | |
retention-days: 5 # Default is 90 days | |
- name: Azure DevOps Security Scan | |
uses: actions/setup-dotnet@v4 | |
with: | |
dotnet-version: | | |
5.0.x | |
6.0.x | |
- name: Run Microsoft Security DevOps | |
uses: microsoft/security-devops-action@latest | |
id: msdo | |
with: | |
tools: container-mapping, bandit, eslint, templateanalyzer | |
- name: Upload results to Security tab | |
uses: actions/upload-artifact@v4 | |
with: | |
path: ${{ steps.msdo.outputs.sarifFile }} | |
retention-days: 5 # Default is 90 days |