[Vulnerabilities] Update Dockerfile Alpine Image from alpine:3.12 => alpine:3.18 #67
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Validations" | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
pull_request: | |
jobs: | |
Static-Analysis: | |
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline | |
name: "Static analysis" | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Bootstrap environment | |
uses: ./.github/actions/bootstrap | |
- name: Run static analysis | |
run: make static-analysis | |
Unit-Test: | |
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline | |
name: "Unit tests" | |
strategy: | |
matrix: | |
platform: | |
- ubuntu-latest | |
# - macos-latest # todo: mac runners are expensive minute-wise | |
# - windows-latest # todo: support windows | |
runs-on: ${{ matrix.platform }} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Bootstrap environment | |
uses: ./.github/actions/bootstrap | |
- name: Run unit tests | |
run: make unit | |
Build-Snapshot-Artifacts: | |
name: "Build snapshot artifacts" | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Bootstrap environment | |
uses: ./.github/actions/bootstrap | |
- name: Build snapshot artifacts | |
run: make snapshot | |
- run: docker images wagoodman/dive | |
# todo: compare against known json output in shared volume | |
- name: Test production image | |
run: make ci-test-docker-image | |
# why not use actions/upload-artifact? It is very slow (3 minutes to upload ~600MB of data, vs 10 seconds with this approach). | |
# see https://github.com/actions/upload-artifact/issues/199 for more info | |
- name: Upload snapshot artifacts | |
uses: actions/cache/save@v3 | |
with: | |
path: snapshot | |
key: snapshot-build-${{ github.run_id }} | |
# ... however the cache trick doesn't work on windows :( | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: windows-artifacts | |
path: snapshot/dive_windows_amd64_v1/dive.exe | |
Acceptance-Linux: | |
name: "Acceptance tests (Linux)" | |
needs: [ Build-Snapshot-Artifacts ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@master | |
- name: Download snapshot build | |
uses: actions/cache/restore@v3 | |
with: | |
path: snapshot | |
key: snapshot-build-${{ github.run_id }} | |
- name: Test linux run | |
run: make ci-test-linux-run | |
- name: Test DEB package installation | |
run: make ci-test-deb-package-install | |
- name: Test RPM package installation | |
run: make ci-test-rpm-package-install | |
Acceptance-Mac: | |
name: "Acceptance tests (Mac)" | |
needs: [ Build-Snapshot-Artifacts ] | |
runs-on: macos-latest | |
steps: | |
- uses: actions/checkout@master | |
- name: Download snapshot build | |
uses: actions/cache/restore@v3 | |
with: | |
path: snapshot | |
key: snapshot-build-${{ github.run_id }} | |
- name: Test darwin run | |
run: make ci-test-mac-run | |
Acceptance-Windows: | |
name: "Acceptance tests (Windows)" | |
needs: [ Build-Snapshot-Artifacts ] | |
runs-on: windows-latest | |
steps: | |
- uses: actions/checkout@master | |
- uses: actions/download-artifact@v3 | |
with: | |
name: windows-artifacts | |
- name: Test windows run | |
run: make ci-test-windows-run |