[Snyk] Security upgrade alpine from 3.18.3 to 3.21.0 #1299
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- main | |
- development | |
tags: | |
- v* | |
pull_request: | |
branches: | |
- main | |
- development | |
jobs: | |
build: | |
name: build | |
runs-on: ubuntu-latest | |
outputs: | |
matrix: ${{ steps.excludes-matrix.outputs.matrix }} | |
steps: | |
# Check out current commit | |
- name: Checkout | |
uses: actions/checkout@v3 | |
# Make sure buildkit is enabled | |
- name: Enable buildkit | |
shell: bash | |
run: | | |
echo '{"experimental": "enabled"}' > ~/.docker/config.json | |
# Build and Export image for push to github container registry | |
- name: Build and export drupal image | |
run: make static-drupal-image-export | |
# Build and run the static environment | |
- name: Build Static | |
run: make static-docker-compose.yml up | |
- uses: actions/upload-artifact@v2 | |
with: | |
name: drupal-image | |
path: images | |
- name: Generate Test Matrix | |
id: test-matrix | |
uses: jhu-idc/idc-matrixgen@1.0.0 | |
with: | |
key: suite | |
- name: Exclude nightly jobs | |
id: excludes-matrix | |
uses: jhu-idc/idc-matrixgen@1.0.0 | |
with: | |
key: suite | |
glob: '*nightly*.sh' | |
exclude: true | |
matrix: ${{ steps.test-matrix.outputs.matrix }} | |
#- name: Notify Slack | |
# uses: 8398a7/action-slack@v3 | |
# with: | |
# status: ${{ job.status }} | |
# fields: repo,message,commit,author,action,eventName,ref,workflow,job,took,pullRequest # selectable (default: repo,message) | |
# env: | |
# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # required | |
# if: failure() | |
test: | |
name: test | |
runs-on: ubuntu-latest | |
if: false # Don/Tim: disable testing for now | |
needs: build | |
strategy: | |
matrix: ${{ fromJSON(needs.build.outputs.matrix) }} | |
fail-fast: false | |
steps: | |
# Check out current commit | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Download Drupal Image | |
uses: actions/download-artifact@v2 | |
with: | |
name: drupal-image | |
path: images | |
- name: Load Drupal Image | |
run: docker load < images/static-drupal.tar | |
- name: Use static docker-compose file, to test static image | |
run: make static-docker-compose.yml | |
- name: Up | |
run: make up | |
- name: test | |
run: | | |
mkdir -p end-to-end/reports | |
chmod a+rwx end-to-end/reports | |
make test test=${{ matrix.suite }} | |
- name: reports | |
if: always() | |
run: | | |
mkdir -p end-to-end/reports/${{ matrix.suite }} | |
docker ps | |
docker logs idc_drupal_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/drupal-${{ matrix.suite }}.log | |
docker logs idc_alpaca_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/alpaca-${{ matrix.suite }}.log | |
docker logs idc_homarus_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/homarus-${{ matrix.suite }}.log | |
docker logs idc_crayfits_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/crayfits-${{ matrix.suite }}.log | |
docker logs idc_fits_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/fits-${{ matrix.suite }}.log | |
docker logs idc_houdini_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/houdini-${{ matrix.suite }}.log | |
docker logs idc_dlq_1 2>&1 | tee end-to-end/reports/${{ matrix.suite }}/dlq-${{ matrix.suite }}.log | |
- name: upload reports | |
if: always() | |
uses: actions/upload-artifact@v2 | |
with: | |
name: reports-${{ matrix.suite }} | |
path: end-to-end/reports/${{ matrix.suite }} | |
- name: upload screenshots | |
if: always() | |
uses: actions/upload-artifact@v2 | |
with: | |
name: reports-screenshots | |
path: end-to-end/reports/screenshots | |
#- name: Notify Slack | |
# uses: 8398a7/action-slack@v3 | |
# with: | |
# status: ${{ job.status }} | |
# fields: repo,message,commit,author,action,eventName,ref,workflow,job,took,pullRequest # selectable (default: repo,message) | |
# env: | |
# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # required | |
# MATRIX_CONTEXT: ${{ toJson(matrix) }} # required | |
# if: failure() | |
deploy: | |
name: Deploy | |
runs-on: ubuntu-latest | |
needs: [ build ] # Tim, Don: removing test dependency | |
env: | |
DOCKER_USER: ${{secrets.DOCKER_USER}} | |
DOCKER_PUSH_REPOSITORY: ${{secrets.DOCKER_PUSH_REPOSITORY}} | |
steps: | |
# Check out current commit | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Docker Login | |
if: ${{ github.event_name != 'pull_request' && env.DOCKER_USER }} | |
uses: docker/login-action@v1 | |
with: | |
registry: ghcr.io | |
username: ${{ env.DOCKER_USER }} | |
password: ${{ secrets.DOCKER_PASS }} | |
- name: Download Drupal Image | |
if: ${{ github.event_name != 'pull_request' && env.DOCKER_USER }} | |
uses: actions/download-artifact@v2 | |
with: | |
name: drupal-image | |
path: images | |
- name: Load Drupal Image | |
if: ${{ github.event_name != 'pull_request' && env.DOCKER_USER }} | |
run: docker load < images/static-drupal.tar | |
- name: Use static docker-compose file, to deploy image | |
run: make static-docker-compose.yml | |
# The primary purpose of this step is to make sure all the non-drupal images are | |
# downloaded. | |
- name: Load the irest of the stack | |
run: docker-compose up -d | |
# Push docker images, if we are on the appropriate branch or tag | |
- name: Docker Push | |
if: ${{ github.event_name != 'pull_request' && env.DOCKER_USER }} | |
run: sh tag_and_push_images.sh | |
# Experimental way to delete artifact | |
- name: Delete Temporary Images | |
uses: geekyeggo/delete-artifact@v1 | |
with: | |
name: drupal-image | |
#- name: Notify Slack | |
# uses: 8398a7/action-slack@v3 | |
# with: | |
# status: ${{ job.status }} | |
# fields: repo,message,commit,author,action,eventName,ref,workflow,job,took,pullRequest # selectable (default: repo,message) | |
# env: | |
# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # required | |
# if: failure() |