Merge pull request #147 from sehlen-bsi/ci/package_documentation #701

Workflow file for this run

# Workflow identity, triggers and the default permissions of the workflow token.
name: CI

on:
  push:
  schedule:
    # Fires at 02:37 (GitHub evaluates cron schedules in UTC) on days
    # 1, 7, 13, 19, 25 and 31 of every month, i.e. roughly every six days.
    # The point is to keep the GitHub API cache warm: GitHub Actions evicts
    # caches that have not been used for one week, and without a warm cache
    # the first run after a weeks-long break would hit the API rate limit.
    - cron: '37 2 1,7,13,19,25,31 * *'

# Least privilege for the workflow token: only read access to repository
# contents is granted. Every scope that is not listed here implicitly
# becomes "none".
permissions:
  contents: read
jobs:
  # Builds one PDF per documentation tree and publishes it as a run artifact.
  pdf_creation:
    name: Build PDF - ${{ matrix.element.name }}
    runs-on: ubuntu-22.04
    strategy:
      matrix:
        element:
          - name: Crypto Documentation
            dir: docs/cryptodoc
            out_name: cryptodoc
          - name: Audit Method Description
            dir: docs/audit_method
            out_name: audit_method
          - name: Test Specification
            dir: docs/testspec
            out_name: testspec
          - name: Architecture Overview
            dir: docs/architecture
            out_name: architecture
    defaults:
      run:
        # Applies to `run:` steps only; `uses:` steps ignore this default.
        working-directory: ${{ matrix.element.dir }}
    steps:
      # NOTE(review): third-party actions in this workflow are referenced by
      # the movable tag `v3`. Pinning each one to a full commit SHA would
      # prevent a retagged release from changing what runs here.
      # NOTE(review): actions/checkout stores the workflow token in the local
      # git config unless `persist-credentials: false` is set. The following
      # steps install and run packages from outside this repository, so
      # consider disabling it if no later step needs authenticated git
      # access - confirm before changing.
      - uses: actions/checkout@v3

      - name: Setup Environment Configuration
        uses: ./.github/actions/setup-environment
        with:
          env_file: ./config/botan.env

      - name: Install Build Dependencies
        # `-qq` also implies `-y`, so the install runs non-interactively.
        run: |
          sudo apt-get update
          sudo apt-get -qq install python3-poetry texlive-latex-extra texlive-fonts-recommended tex-gyre texlive-lang-german latexmk

      - name: Install Python Dependencies
        # NOTE(review): presumably resolved from a committed poetry.lock so
        # that the installed versions are reproducible - confirm.
        run: poetry install --no-dev

      - name: Build pdf
        run: poetry run make latexpdf

      - name: Upload artifacts
        uses: actions/upload-artifact@v3
        with:
          # BOTAN_VERSION is read from the env context; presumably exported
          # by the setup-environment step from config/botan.env - confirm.
          name: Botan ${{ env.BOTAN_VERSION }} ${{ matrix.element.name }}
          # Spelled out from the repository root because the
          # working-directory default does not apply to `uses:` steps.
          path: ${{ matrix.element.dir }}/_build/latex/${{ matrix.element.out_name }}-*.pdf

  # Builds the HTML variant of each documentation tree with the source URL
  # check switched on; `-W --keep-going` turns warnings into a failing build
  # while still reporting all of them.
  url_check:
    name: Check source URLs - ${{ matrix.element.name }}
    runs-on: ubuntu-22.04
    strategy:
      matrix:
        element:
          - name: Crypto Documentation
            dir: docs/cryptodoc
          - name: Audit Method Description
            dir: docs/audit_method
          - name: Test Specification
            dir: docs/testspec
          - name: Architecture
            dir: docs/architecture
    defaults:
      run:
        working-directory: ${{ matrix.element.dir }}
    steps:
      - uses: actions/checkout@v3

      - name: Setup Environment Configuration
        uses: ./.github/actions/setup-environment
        with:
          env_file: ./config/botan.env

      - name: Install Build Dependencies
        run: |
          sudo apt-get update
          sudo apt-get -qq install python3-poetry

      - name: Install Python Dependencies
        run: poetry install --no-dev

      - name: Build with URL check enabled
        run: poetry run make SPHINXOPTS="-D src_ref_check_url=True -W --keep-going" html

  # Generates the audit report PDF. Two repositories are checked out side by
  # side: this one under ./source and the Botan repository under ./botan.
  audit_generation:
    name: Build PDF - Audit Report
    runs-on: ubuntu-22.04
    steps:
      - name: Fetch Audit Repository
        uses: actions/checkout@v3
        with:
          path: ./source

      - name: Setup Environment Configuration
        uses: ./source/.github/actions/setup-environment
        with:
          env_file: ./source/config/botan.env

      - name: Fetch Botan Repository
        uses: actions/checkout@v3
        with:
          # BOTAN_REPO is read from the env context; presumably exported by
          # the setup-environment step from config/botan.env - confirm.
          repository: ${{ env.BOTAN_REPO }}
          path: ./botan
          # 0 = fetch the complete history instead of a shallow clone.
          fetch-depth: 0

      - name: Install Build Dependencies
        working-directory: source/docs/audit_report
        run: |
          sudo apt-get update
          sudo apt-get -qq install python3-poetry texlive-latex-extra texlive-fonts-recommended tex-gyre latexmk
          poetry install --no-dev

      - name: Install GitHub webflow GPG public key
        # `--trusted-key` makes GnuPG treat the key with this 64-bit key ID as
        # fully trusted, like one of the user's own keys. The key material is
        # imported from a file inside the checked-out repository, so the
        # trust anchor is only as strong as the review of that file.
        # NOTE(review): presumably needed so the audit tooling can verify
        # commits signed by GitHub's web-flow identity - confirm. Checking
        # the imported key's full fingerprint against a known value would
        # tighten this step.
        run: gpg --trusted-key 4AEE18F83AFDEB23 --import source/.github/resources/web-flow.gpg

      - name: Handle the Audit Generator Cache
        uses: actions/cache@v3
        with:
          path: ./audit_generator_cache
          # The run id makes the primary key unique for every run, so the
          # restore always falls back to the newest entry matching the
          # `restore-keys` prefix.
          key: audit_3.1-${{ github.run_id }}
          restore-keys: audit_3.1

      - name: Verify Patch Coverage
        working-directory: source/docs/audit_report
        env:
          AUDIT_CACHE_LOCATION: ${{ github.workspace }}/audit_generator_cache
          AUDIT_REPO_LOCATION: ${{ github.workspace }}/botan
          # The workflow token; the top-level `permissions` block limits it
          # to read access on repository contents.
          BASIC_GH_TOKEN: ${{ github.token }}
        run: poetry run python3 -m genaudit.cli unrefed --yaml changes

      - name: Build Document
        working-directory: source/docs/audit_report
        env:
          AUDIT_CACHE_LOCATION: ${{ github.workspace }}/audit_generator_cache
          AUDIT_REPO_LOCATION: ${{ github.workspace }}/botan
          BASIC_GH_TOKEN: ${{ github.token }}
        run: poetry run make latexpdf

      - name: Query the API Rate Limit
        # Runs even after an earlier step failed, so the rate-limit state is
        # known to the cache-saving step below.
        if: always()
        env:
          GITHUB_TOKEN: ${{ github.token }}
        run: ${{ github.workspace }}/source/.github/scripts/query_rate_limit.sh

      - name: Store Audit Generator Cache on Rate Limit Exceeded
        # Saves the cache explicitly when the job has failed and the rate
        # limit was exceeded, keeping what was fetched so far.
        # NOTE(review): API_RATE_LIMIT_EXCEEDED is presumably exported by
        # query_rate_limit.sh - confirm.
        if: failure() && env.API_RATE_LIMIT_EXCEEDED == 'true'
        uses: actions/cache/save@v3
        with:
          path: ./audit_generator_cache
          key: audit_3.1-${{ github.run_id }}

      - name: Upload Artifacts
        uses: actions/upload-artifact@v3
        with:
          name: Botan ${{ env.BOTAN_VERSION }} Audit Report
          path: source/docs/audit_report/_build/latex/*.pdf