Skip to content

[Snyk] Security upgrade pillow from 9.5.0 to 10.3.0 #122

[Snyk] Security upgrade pillow from 9.5.0 to 10.3.0

[Snyk] Security upgrade pillow from 9.5.0 to 10.3.0 #122

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: PreCommit Python PVR Flink
on:
pull_request_target:
branches: ['master', 'release-*']
paths:
- 'model/**'
- 'sdks/python/**'
- 'release/**'
- 'sdks/java/io/kafka/**'
- 'runners/core-construction-java/**'
- 'runners/core-java/**'
- 'runners/extensions-java/**'
- 'runners/flink/**'
- 'runners/java-fn-execution/**'
- 'runners/reference/**'
- 'release/trigger_all_tests.json'
- '.github/trigger_files/beam_PreCommit_Python_PVR_Flink.json'
issue_comment:
types: [created]
push:
tags: ['v*']
branches: ['master', 'release-*']
paths:
- 'model/**'
- 'sdks/python/**'
- 'release/**'
- 'sdks/java/io/kafka/**'
- 'runners/core-construction-java/**'
- 'runners/core-java/**'
- 'runners/extensions-java/**'
- 'runners/flink/**'
- 'runners/java-fn-execution/**'
- 'runners/reference/**'
- '.github/workflows/beam_PreCommit_Python_PVR_Flink.yml'
schedule:
- cron: '45 2/6 * * *'
workflow_dispatch:
#Setting explicit permissions for the action to avoid the default permissions which are `write-all` in case of pull_request_target event
permissions:
actions: write
pull-requests: write
checks: write
contents: read
deployments: read
id-token: none
issues: write
discussions: read
packages: read
pages: read
repository-projects: read
security-events: read
statuses: read
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: '${{ github.workflow }} @ ${{ github.event.issue.number || github.event.pull_request.head.label || github.sha || github.head_ref || github.ref }}-${{ github.event.schedule || github.event.comment.id || github.event.sender.login }}'
cancel-in-progress: true
env:
GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }}
GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GE_CACHE_USERNAME }}
GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GE_CACHE_PASSWORD }}
jobs:
beam_PreCommit_Python_PVR_Flink:
name: ${{ matrix.job_name }} (${{ matrix.job_phrase }})
strategy:
matrix:
job_name: ["beam_PreCommit_Python_PVR_Flink"]
job_phrase: ["Run Python_PVR_Flink PreCommit"]
timeout-minutes: 120
if: |
github.event_name == 'push' ||
github.event_name == 'pull_request_target' ||
(github.event_name == 'schedule' && github.repository == 'apache/beam') ||
github.event_name == 'workflow_dispatch' ||
github.event.comment.body == 'Run Python_PVR_Flink PreCommit'
runs-on: [self-hosted, ubuntu-20.04, main]
steps:
- uses: actions/checkout@v4
- name: Setup repository
uses: ./.github/actions/setup-action
with:
comment_phrase: ${{ matrix.job_phrase }}
github_token: ${{ secrets.GITHUB_TOKEN }}
github_job: ${{ matrix.job_name }} (${{ matrix.job_phrase }})
- name: Setup environment
uses: ./.github/actions/setup-environment-action
with:
python-version: 3.11
- name: run Python PVR Flink PreCommit script
uses: ./.github/actions/gradle-command-self-hosted-action
env:
CLOUDSDK_CONFIG: ${{ env.KUBELET_GCLOUD_CONFIG_PATH}}
with:
gradle-command: :sdks:python:test-suites:portable:py311:flinkValidatesRunner
arguments: |
-PpythonVersion=3.11 \
- name: Archive Python Test Results
uses: actions/upload-artifact@v4
if: failure()
with:
name: Python Test Results
path: '**/pytest*.xml'
- name: Publish Python Test Results
uses: EnricoMi/publish-unit-test-result-action@v2
if: always()
with:
commit: '${{ env.prsha || env.GITHUB_SHA }}'
comment_mode: ${{ github.event_name == 'issue_comment' && 'always' || 'off' }}
files: '**/pytest*.xml'