Skip to content

[Snyk] Security upgrade alpine from 3.18.3 to 3.20.3 #1298

[Snyk] Security upgrade alpine from 3.18.3 to 3.20.3

[Snyk] Security upgrade alpine from 3.18.3 to 3.20.3 #1298

Workflow file for this run

name: CI
on:
push:
branches:
- main
- development
tags:
- v*
pull_request:
branches:
- main
- development
jobs:
build:
name: build
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.excludes-matrix.outputs.matrix }}
steps:
# Check out current commit
- name: Checkout
uses: actions/checkout@v3
# Make sure buildkit is enabled
- name: Enable buildkit
shell: bash
run: |
echo '{"experimental": "enabled"}' > ~/.docker/config.json
# Build and Export image for push to github container registry
- name: Build and export drupal image
run: make static-drupal-image-export
# Build and run the static environment
- name: Build Static
run: make static-docker-compose.yml up
- uses: actions/upload-artifact@v2
with:
name: drupal-image
path: images
- name: Generate Test Matrix
id: test-matrix
uses: jhu-idc/idc-matrixgen@1.0.0
with:
key: suite
- name: Exclude nightly jobs
id: excludes-matrix
uses: jhu-idc/idc-matrixgen@1.0.0
with:
key: suite
glob: '*nightly*.sh'
exclude: true
matrix: ${{ steps.test-matrix.outputs.matrix }}
#- name: Notify Slack
# uses: 8398a7/action-slack@v3
# with:
# status: ${{ job.status }}
# fields: repo,message,commit,author,action,eventName,ref,workflow,job,took,pullRequest # selectable (default: repo,message)
# env:
# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # required
# if: failure()
test:
name: test
runs-on: ubuntu-latest
if: false # Don/Tim: disable testing for now
needs: build
strategy:
matrix: ${{ fromJSON(needs.build.outputs.matrix) }}
fail-fast: false
steps:
# Check out current commit
- name: Checkout
uses: actions/checkout@v3
- name: Download Drupal Image
uses: actions/download-artifact@v2
with:
name: drupal-image
path: images
- name: Load Drupal Image
run: docker load < images/static-drupal.tar
- name: Use static docker-compose file, to test static image
run: make static-docker-compose.yml
- name: Up
run: make up
- name: test
run: |
mkdir -p end-to-end/reports
chmod a+rwx end-to-end/reports
make test test=${{ matrix.suite }}
- name: reports
if: always()
run: |
mkdir -p end-to-end/reports/${{ matrix.suite }}
docker ps
docker logs idc_drupal_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/drupal-${{ matrix.suite }}.log
docker logs idc_alpaca_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/alpaca-${{ matrix.suite }}.log
docker logs idc_homarus_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/homarus-${{ matrix.suite }}.log
docker logs idc_crayfits_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/crayfits-${{ matrix.suite }}.log
docker logs idc_fits_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/fits-${{ matrix.suite }}.log
docker logs idc_houdini_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/houdini-${{ matrix.suite }}.log
docker logs idc_dlq_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/dlq-${{ matrix.suite }}.log
- name: upload reports
if: always()
uses: actions/upload-artifact@v2
with:
name: reports-${{ matrix.suite }}
path: end-to-end/reports/${{ matrix.suite }}
- name: upload screenshots
if: always()
uses: actions/upload-artifact@v2
with:
name: reports-screenshots
path: end-to-end/reports/screenshots
#- name: Notify Slack
# uses: 8398a7/action-slack@v3
# with:
# status: ${{ job.status }}
# fields: repo,message,commit,author,action,eventName,ref,workflow,job,took,pullRequest # selectable (default: repo,message)
# env:
# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # required
# MATRIX_CONTEXT: ${{ toJson(matrix) }} # required
# if: failure()
deploy:
name: Deploy
runs-on: ubuntu-latest
needs: [ build ] # Tim, Don: removing test dependency
env:
DOCKER_USER: ${{secrets.DOCKER_USER}}
DOCKER_PUSH_REPOSITORY: ${{secrets.DOCKER_PUSH_REPOSITORY}}
steps:
# Check out current commit
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Docker Login
if: ${{ github.event_name != 'pull_request' && env.DOCKER_USER }}
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ env.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASS }}
- name: Download Drupal Image
if: ${{ github.event_name != 'pull_request' && env.DOCKER_USER }}
uses: actions/download-artifact@v2
with:
name: drupal-image
path: images
- name: Load Drupal Image
if: ${{ github.event_name != 'pull_request' && env.DOCKER_USER }}
run: docker load < images/static-drupal.tar
- name: Use static docker-compose file, to deploy image
run: make static-docker-compose.yml
# The primary purpose of this step is to make sure all the non-drupal images are
# downloaded.
- name: Load the irest of the stack
run: docker-compose up -d
# Push docker images, if we are on the appropriate branch or tag
- name: Docker Push
if: ${{ github.event_name != 'pull_request' && env.DOCKER_USER }}
run: sh tag_and_push_images.sh
# Experimental way to delete artifact
- name: Delete Temporary Images
uses: geekyeggo/delete-artifact@v1
with:
name: drupal-image
#- name: Notify Slack
# uses: 8398a7/action-slack@v3
# with:
# status: ${{ job.status }}
# fields: repo,message,commit,author,action,eventName,ref,workflow,job,took,pullRequest # selectable (default: repo,message)
# env:
# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # required
# if: failure()