This repository has been archived by the owner on Dec 13, 2023. It is now read-only.
Upgrading OSS libraries with known open CVEs #2829
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: [ push, pull_request ] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| fetch-depth: 0 | |
| - name: Gradle wrapper validation | |
| uses: gradle/wrapper-validation-action@v1 | |
| - name: Set up Zulu JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'zulu' | |
| java-version: '17' | |
| - name: Cache SonarCloud packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.sonar/cache | |
| key: ${{ runner.os }}-sonar | |
| restore-keys: ${{ runner.os }}-sonar | |
| - name: Cache Gradle packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: ${{ runner.os }}-gradle- | |
| - name: Build with Gradle | |
| if: github.ref != 'refs/heads/main' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: | | |
| ./gradlew build --scan | |
| - name: Print Server Logs | |
| if: always() | |
| run: | | |
| cat conductor_tests.log | |
| - name: Publish server logs | |
| if: always() | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: server-logs | |
| path: conductor_tests.log | |
| - name: Build and Publish snapshot | |
| if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| run: | | |
| echo "Running build for commit ${{ github.sha }}" | |
| ./gradlew build snapshot --scan | |
| env: | |
| NETFLIX_OSS_SIGNING_KEY: ${{ secrets.ORG_SIGNING_KEY }} | |
| NETFLIX_OSS_SIGNING_PASSWORD: ${{ secrets.ORG_SIGNING_PASSWORD }} | |
| NETFLIX_OSS_REPO_USERNAME: ${{ secrets.ORG_NETFLIXOSS_USERNAME }} | |
| NETFLIX_OSS_REPO_PASSWORD: ${{ secrets.ORG_NETFLIXOSS_PASSWORD }} | |
| - name: Publish Test Report | |
| uses: mikepenz/action-junit-report@v3 | |
| if: always() | |
| with: | |
| report_paths: '**/build/test-results/test/TEST-*.xml' | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: build-artifacts | |
| path: '**/build/reports' | |
| - name: Store Buildscan URL | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: build-scan | |
| path: 'buildscan.log' | |
| build-ui: | |
| runs-on: ubuntu-latest | |
| container: cypress/browsers:node14.17.6-chrome100-ff98 | |
| defaults: | |
| run: | |
| working-directory: ui | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Install Dependencies | |
| run: yarn install | |
| - name: Build UI | |
| run: yarn run build | |
| - name: Run E2E Tests | |
| uses: cypress-io/github-action@v4 | |
| with: | |
| working-directory: ui | |
| install: false | |
| start: yarn run serve-build | |
| wait-on: 'http://localhost:5000' | |
| - name: Run Component Tests | |
| uses: cypress-io/github-action@v4 | |
| with: | |
| working-directory: ui | |
| install: false | |
| component: true | |
| - name: Archive test screenshots | |
| uses: actions/upload-artifact@v2 | |
| if: failure() | |
| with: | |
| name: cypress-screenshots | |
| path: ui/cypress/screenshots | |
| - name: Archive test videos | |
| uses: actions/upload-artifact@v2 | |
| if: always() | |
| with: | |
| name: cypress-videos | |
| path: ui/cypress/videos | |