Tat 123 create homepage initial

.github/workflows/release-please.yml

@@ -0,0 +1,21 @@
+name: Update Release
+
+on:
+  push:
+    branches:
+      - main
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  release-please:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Update release
+        uses: google-github-actions/release-please-action@v3
+        with:
+          command: manifest

.github/workflows/website-build.yml

@@ -0,0 +1,131 @@
+name: Build Website
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+
+# If another web build starts for the same branch, cancel the previous build. This
+# protects us from two builds trying to upload at the same time and clobbering each
+# other.
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+  id-token: write
+  pages: write
+  pull-requests: write
+
+jobs:
+  tat_website_build:
+    runs-on: ubuntu-latest
+    env:
+      BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
+    steps:
+
+    # Configure Environment
+    - uses: actions/checkout@v3
+    - uses: actions/setup-node@v3
+      id: "setup-node"
+      with:
+        node-version: '19'
+        cache: 'npm'
+        cache-dependency-path: './package-lock.json'
+    - name: Install dependencies
+      run: npm ci
+
+    # Lint
+    - name: Lint
+      run: npm run lint
+
+    # Build and Upload Artifact
+    - name: Type Check
+      run: npm run type-check
+    - name: Build
+      run: npm run build-only -- --base /$BRANCH_NAME/
+    - name: Upload artifact
+      uses: actions/upload-artifact@v3
+      with:
+        name: tat_website
+        path: ./dist/
+
+  # Publish to Azure blob only on PRs, not main.
+  azure_blob:
+    if: github.ref_name != 'main'
+    needs: tat_website_build
+    runs-on: ubuntu-latest
+    env:
+      AZURE_STORAGE_ACCOUNT: topattacktechniques
+      AZURE_STORAGE_SAS_TOKEN: ${{ secrets.AZURE_SAS_TOKEN }}
+      BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
+      STATICRYPT_PASS: ${{ secrets.STATICRYPT_PASS }}
+    steps:
+      - uses: actions/setup-node@v3
+        with:
+          node-version: "19"
+      - run: npm install -g staticrypt
+      - name: Download Web Site
+        uses: actions/download-artifact@v3
+        with:
+          name: tat_website
+          path: tat_website
+      - env:
+          STATICRYPT_PASS: ${{ secrets.STATICRYPT_PASS }}
+        run: >
+          staticrypt --remember 3 --salt b1c18fbb5081eca3e2db08a413b01774 \
+            --password $STATICRYPT_PASS --short \
+            --template-title "Top ATT&CK Techniques (branch: $BRANCH_NAME)" \
+            --template-instructions "The contents of this site are marked TLP:AMBER:CTID-R&D:22-80. Do not share with unauthorized individuals." \
+            --template-color-primary "#6241c5" \
+            --template-color-secondary "#b2b2b2" \
+            --template-button "Log In" \
+            -r tat_website/
+      - name: Ensure StatiCrypt ran # StatiCrypt will fail without warning; verify it created a directory
+        run: test -d encrypted
+      - name: Copy encrypted HTML files
+        run: rsync -Ir -v --include='*.html' --exclude='*.*' encrypted/tat_website .
+      - name: Set the branch name
+        run: mv tat_website "$BRANCH_NAME"
+      - name: Install Azure CLI
+        run: curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
+      - name: Delete old blobs
+        run: az storage blob delete-batch -s '$web' --pattern "$BRANCH_NAME/*"
+      - name: Upload to blob storage
+        run: az storage blob upload-batch -s . --pattern "$BRANCH_NAME/*" -d '$web'
+      - uses: actions/github-script@v6
+        if: github.event_name == 'pull_request'
+        with:
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: `This PR has been published to https://topattacktechniques.z13.web.core.windows.net/${process.env['BRANCH_NAME']}/`,
+            })
+
+  # github_pages:
+  #   # This job only runs when committing or merging to main branch.
+  #   if: github.ref_name == 'main'
+  #   needs: tat_website_build
+  #   runs-on: ubuntu-latest
+  #   environment:
+  #     name: github-pages
+  #     url: $\{\{ steps.deployment.outputs.page_url \}\}
+
+  #   steps:
+  #   - name: Setup Pages
+  #     uses: actions/configure-pages@v2
+  #   - name: Download Web Site
+  #     uses: actions/download-artifact@v3
+  #     with:
+  #       name: tat_website
+  #       path: tat_website
+  #   - name: Upload artifact
+  #     uses: actions/upload-pages-artifact@v1
+  #     with:
+  #       path: ./tat_website
+  #   - name: Deploy to GitHub Pages
+  #     id: deployment
+  #     uses: actions/deploy-pages@v1

.release-please-manifest.json

@@ -0,0 +1 @@
+{}

index.html

@@ -10,6 +10,11 @@
       href="https://fonts.googleapis.com/css2?family=Roboto+Condensed:[email protected]&display=swap"
       rel="stylesheet"
     />
+    <link
+      href="https://fonts.googleapis.com/css2?family=Fira+Sans+Extra+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap"
+      rel="stylesheet"
+    />
+
     <title>Vite App</title>
   </head>