Skip to content

[Snyk] Security upgrade golang from 1.20-bookworm to 1.23.0-bookworm #886

[Snyk] Security upgrade golang from 1.20-bookworm to 1.23.0-bookworm

[Snyk] Security upgrade golang from 1.20-bookworm to 1.23.0-bookworm #886

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: PreCommit Java Examples Dataflow Java21
on:
push:
tags: ['v*']
branches: ['master', 'release-*']
paths:
- 'model/**'
- 'sdks/java/**'
- 'runners/google-cloud-dataflow-java/**'
- 'examples/java/**'
- 'examples/kotlin/**'
- 'release/**'
- '.github/workflows/beam_PreCommit_Java_Examples_Dataflow_Java21.yml'
pull_request_target:
branches: ['master', 'release-*']
paths:
- 'model/**'
- 'sdks/java/**'
- 'runners/google-cloud-dataflow-java/**'
- 'examples/java/**'
- 'examples/kotlin/**'
- 'release/**'
- 'release/trigger_all_tests.json'
- '.github/trigger_files/beam_PreCommit_Java_Examples_Dataflow_Java21.json'
issue_comment:
types: [created]
schedule:
- cron: '30 1/6 * * *'
workflow_dispatch:
# Setting explicit permissions for the action to avoid the default permissions which are `write-all` in case of pull_request_target event
permissions:
actions: write
pull-requests: write
checks: write
contents: read
deployments: read
id-token: none
issues: write
discussions: read
packages: read
pages: read
repository-projects: read
security-events: read
statuses: read
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: '${{ github.workflow }} @ ${{ github.event.issue.number || github.event.pull_request.head.label || github.sha || github.head_ref || github.ref }}-${{ github.event.schedule || github.event.comment.id || github.event.sender.login }}'
cancel-in-progress: true
env:
DEVELOCITY_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }}
GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GE_CACHE_USERNAME }}
GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GE_CACHE_PASSWORD }}
jobs:
beam_PreCommit_Java_Examples_Dataflow_Java21:
name: ${{ matrix.job_name }} (${{ matrix.job_phrase }})
strategy:
matrix:
job_name: ["beam_PreCommit_Java_Examples_Dataflow_Java21"]
job_phrase: ["Run Java_Examples_Dataflow_Java21 PreCommit"]
timeout-minutes: 75
if: |
github.event_name == 'push' ||
github.event_name == 'pull_request_target' ||
(github.event_name == 'schedule' && github.repository == 'apache/beam') ||
github.event_name == 'workflow_dispatch' ||
github.event.comment.body == 'Run Java_Examples_Dataflow_Java21 PreCommit'
runs-on: [self-hosted, ubuntu-20.04, main]
steps:
- uses: actions/checkout@v4
- name: Setup repository
uses: ./.github/actions/setup-action
with:
comment_phrase: ${{ matrix.job_phrase }}
github_token: ${{ secrets.GITHUB_TOKEN }}
github_job: ${{ matrix.job_name }} (${{ matrix.job_phrase }})
# The test requires Java 21 and Java 8 versions.
# Java 8 is installed second because JAVA_HOME needs to point to Java 8.
- name: Setup environment
uses: ./.github/actions/setup-environment-action
with:
java-version: |
21
8
- name: Clean
uses: ./.github/actions/gradle-command-self-hosted-action
with:
gradle-command: :clean
arguments: |
-PdisableSpotlessCheck=true \
-PdisableCheckStyle=true \
-PskipCheckerFramework \
- name: Build and Test
uses: ./.github/actions/gradle-command-self-hosted-action
with:
gradle-command: :runners:google-cloud-dataflow-java:examples:preCommit
arguments: |
-PdisableSpotlessCheck=true \
-PdisableCheckStyle=true \
-PtestJavaVersion=21 \
-PskipCheckerFramework \
-Pjava21Home=$JAVA_HOME_21_X64 \
max-workers: 12
- name: Archive JUnit Test Results
uses: actions/upload-artifact@v4
if: ${{ !success() }}
with:
name: JUnit Test Results
path: "**/build/reports/tests/"
- name: Publish JUnit Test Results
uses: EnricoMi/publish-unit-test-result-action@v2
if: always()
with:
commit: '${{ env.prsha || env.GITHUB_SHA }}'
comment_mode: ${{ github.event_name == 'issue_comment' && 'always' || 'off' }}
files: '**/build/test-results/**/*.xml'
- name: Archive SpotBugs Results
uses: actions/upload-artifact@v4
with:
name: SpotBugs Results
path: '**/build/reports/spotbugs/*.html'