Skip to content

Update harden-runner for release scheduler (#3680) #1578

Update harden-runner for release scheduler (#3680)

Update harden-runner for release scheduler (#3680) #1578

Workflow file for this run

# Copyright (c) eBPF for Windows contributors
# SPDX-License-Identifier: MIT
# This action will run doxygen to update the documentation at https://microsoft.github.io/ebpf-for-windows/
# which is a view of the gh-pages branch. This action is done whenever the main branch is updated.
# For docs on gh-pages see https://pages.github.com/
#
# The following two links discuss steps similar to this action so may be useful reading
# to understand how the automatic update works:
# https://growworkinghard.altervista.org/doxygen-documentation-on-github-using-gh-pages/
# https://github.com/m-a-d-n-e-s-s/madness/issues/104
name: Doxygen Action
# Controls when the action will run. Triggers the workflow on push # events
# but only for the main branch
on:
push:
branches: [ main ]
permissions:
contents: read
jobs:
build:
permissions:
contents: write # for Git to git push
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6
with:
egress-policy: block
allowed-endpoints: >
azure.archive.ubuntu.com:80
github.com:443
- name: Install doxygen
run: |
sudo apt install doxygen
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- name: Clone docs
run: |
git config --global user.email '[email protected]'
git config --global user.name 'Github Action'
git clone --branch gh-pages https://github.com/microsoft/ebpf-for-windows.git docs/html
- name: Update docs
run: |
doxygen
cd docs/html
git add .
if [ -n "$(git status --porcelain)" ]; then
git commit -s -m "Updated documentation"
git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/microsoft/ebpf-for-windows.git
git push
fi