fix Notes::{read,ls,...} permissions #116
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: enochecker_test | |
on: | |
push: | |
branches: | |
- main | |
- fixed | |
pull_request: | |
branches: | |
- main | |
- fixed | |
jobs: | |
build: | |
runs-on: self-hosted | |
env: | |
ENOCHECKER_TEST_CHECKER_ADDRESS: localhost | |
ENOCHECKER_TEST_CHECKER_PORT: 2125 | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
- name: Set up Python 3.9 | |
uses: actions/setup-python@v2 | |
with: | |
python-version: 3.9 | |
- name: Install enochecker_test | |
run: | | |
python -m venv venv | |
source venv/bin/activate | |
python -m pip install --upgrade pip | |
pip install git+https://github.com/fwc/enochecker_test@45aaadd2ae09867715bf7ad8087d562dad17207f | |
- name: start service | |
run: | | |
cd service | |
docker-compose up --build --force-recreate -d | |
- name: start checker | |
run: | | |
cd checker | |
docker-compose up --build --force-recreate -d | |
- name: obtain Docker host IP | |
run: | | |
echo "ENOCHECKER_TEST_SERVICE_ADDRESS=$(ip -4 address show dev eth0 | grep inet | awk '{ print $2 }' | sed 's|/.*$||')" >> $GITHUB_ENV | |
- name: run enochecker_test | |
if: github.ref_name == 'main' | |
run: | | |
source venv/bin/activate | |
enochecker_test | |
- name: run enochecker_test without exploit | |
if: github.ref_name == 'fixed' | |
run: | | |
source venv/bin/activate | |
enochecker_test "not exploit" | |
- name: ensure run on main or fixed | |
if: github.ref_name != 'main' && github.ref_name != 'fixed' | |
run: exit 1 | |
- name: Dump docker logs on failure | |
if: failure() | |
uses: jwalton/gh-docker-logs@v1 | |
with: | |
dest: './logs' | |
- name: Tar logs | |
if: failure() | |
run: tar cvzf ./logs.tgz ./logs | |
- name: Upload logs to GitHub | |
if: failure() | |
uses: actions/upload-artifact@master | |
with: | |
name: logs.tgz | |
path: ./logs.tgz | |
- name: Kill docker containers | |
if: failure() || success() | |
run: | | |
(cd service && docker-compose kill) | |
(cd checker && docker-compose kill) |