Add legal permissions invariant for tagged capabilities #1030
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Create Specification Document | |
# The workflow is triggered by pull request, push to main, and manual dispatch. | |
on: | |
workflow_dispatch: | |
inputs: | |
version: | |
description: 'Release version, e.g. X.Y.Z:' | |
required: true | |
type: string | |
revision_mark: | |
description: 'Set revision mark as Draft, Release or Stable:' | |
required: true | |
type: choice | |
options: | |
- Draft | |
- Release | |
- Stable | |
default: Draft | |
prerelease: | |
description: Tag as a pre-release? | |
required: false | |
type: boolean | |
default: true | |
draft: | |
description: Create release as a draft? | |
required: false | |
type: boolean | |
default: false | |
pull_request: | |
push: | |
branches: | |
- main | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout the repository | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
# Pull the latest RISC-V Docs container image | |
- name: Pull Container | |
run: docker pull riscvintl/riscv-docs-base-container-image:latest | |
# Override VERSION and REVMARK for manual workflow dispatch | |
- name: Update environment variables for releases | |
run: | | |
echo "VERSION=v${{ github.event.inputs.version }}" >> "$GITHUB_ENV" | |
echo "REVMARK=${{ github.event.inputs.revision_mark }}" >> "$GITHUB_ENV" | |
if: github.event_name == 'workflow_dispatch' | |
- name: Update environment variables for push events | |
run: | | |
echo "EXTRA_ASCIIDOC_OPTIONS=-a github_commit_sha=$GITHUB_SHA" >> "$GITHUB_ENV" | |
if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
# Build PDF and HTML. | |
- name: Build Files | |
run: make all | |
# Upload the built PDF and HTML files as a single artifact | |
- name: Upload Build Artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: Build Artifacts | |
path: | | |
build/*.pdf | |
build/*.html | |
retention-days: 30 | |
# Upload GitHub pages artefacts. | |
- name: Make gitlab pages directory | |
run: mkdir dist && cp build/*.html dist/index.html | |
if: github.event_name == 'push' | |
- name: Upload artifact | |
uses: actions/upload-pages-artifact@v3 | |
with: | |
path: dist | |
if: github.event_name == 'workflow_dispatch' || github.event_name == 'push' | |
# Create Release | |
- name: Create Release | |
uses: softprops/action-gh-release@v1 | |
with: | |
files: | | |
build/*.pdf | |
build/*.html | |
tag_name: v${{ github.event.inputs.version }} | |
name: Release ${{ github.event.inputs.version }} | |
draft: ${{ github.event.inputs.draft }} | |
prerelease: ${{ github.event.inputs.prerelease }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GHTOKEN }} | |
if: github.event_name == 'workflow_dispatch' | |
# This condition ensures this step only runs for workflow_dispatch events. | |
# Deploy HTML to Github pages. | |
deploy: | |
if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
needs: build | |
permissions: | |
pages: write | |
id-token: write | |
environment: | |
name: github-pages | |
url: ${{ steps.deployment.outputs.page_url }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Deploy to GitHub Pages | |
id: deployment | |
uses: actions/deploy-pages@v4 |