Skip to content

Update dependency webpack to v5.94.0 [SECURITY] (master) #3342

Update dependency webpack to v5.94.0 [SECURITY] (master)

Update dependency webpack to v5.94.0 [SECURITY] (master) #3342

Workflow file for this run

# This is a basic workflow to help you get started with Actions
name: CI
# Controls when the action will run.
on:
# Triggers the workflow on push or pull request events but only for the master branch
push:
paths-ignore:
- '.circleci'
branches-ignore:
# Run only renovate PR
- 'renovate/*'
pull_request:
branches:
- '*'
paths-ignore:
- '.circleci'
types: [opened, reopened, synchronize, closed]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
webpack:
if: github.event.action != 'closed' || github.event.pull_request.merged == true
runs-on: ubuntu-latest
steps:
# Dump environment variables & event
- uses: hmarr/debug-action@v2
- name: Cancel Previous Runs
uses: styfle/cancel-workflow-action@0.11.0
with:
access_token: ${{ github.token }}
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- name: Checkout
uses: actions/checkout@v3.1.0
- name: Setup Node.js environment
uses: actions/setup-node@v3
with:
# Version Spec of the version to use. Examples: 12.x, 10.15.1, >=10.15.0
node-version: '16'
- name: Cache npm files
id: cache-npm
uses: actions/cache@v3
with:
path: ~/.npm
key: |
modules-${{ hashFiles('**/package-lock.json') }}
- name: Install dependencies
if: steps.cache.outputs.cache-npm != 'true'
run: npm ci --ignore-scripts
- name: Cache node modules
id: cache-node_modules
uses: actions/cache@v3
with:
path: ~/.npm
key: |
modules-${{ hashFiles('**/package-lock.json') }}
- name: 'Tar node_modules files'
run: tar -cf ~/node_modules.tar node_modules
- uses: actions/upload-artifact@v3
with:
name: node_modules
path: ~/node_modules.tar
- name: Cache Dojo
id: cache-dojo
uses: actions/cache@v3
with:
path: UI/js
key: dojo-${{ hashFiles('UI/js-src/**', 'UI/src/**', 'UI/css/**','UI/**/*.html','doc/sources/**') }}
- name: Build Dojo
run: |
make dojo
make readme
if: steps.cache-dojo.outputs.cache-hit != 'true' ||
steps.cache-node_modules.outputs.cache-hit != 'true'
- name: 'Tar Webpacked files'
run: tar -cf ~/webpacked_js.tar UI/js
- uses: actions/upload-artifact@v3
with:
name: webpacked_js
path: ~/webpacked_js.tar
# This workflow contains a single job called "build"
build:
if: (github.event.action != 'closed' || github.event.pull_request.merged == true)
# The type of runner that the job will run on
runs-on: ubuntu-latest
needs: webpack
# Don't let it run for more than an hour
timeout-minutes: 60
# Service containers to run
strategy:
fail-fast: false
matrix:
include:
- perl: "5.34"
postgres: "13"
BROWSER: "chrome"
COVERAGE: 1
- perl: "5.32"
postgres: "latest"
BROWSER: "firefox"
COA_TESTING: 1
- perl: "5.32"
postgres: "12"
BROWSER: "operablink"
DB_TESTING: 1
services:
# Label used to access the service container
postgres:
# Docker database image
image: ghcr.io/ledgersmb/dev-postgres:${{ matrix.postgres }}
# Maps tcp port 5432 on service container to the host
ports:
- 5432:5432
# Provide the password for postgres
env:
POSTGRES_PASSWORD: test
# needed because the postgres container does not provide a healthcheck
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
mailhog:
image: mailhog/mailhog:latest
ports:
- 1025:1025
- 8025:8025
env:
BROWSER: ${{ matrix.BROWSER }}
COA_TESTING: ${{ matrix.COA_TESTING }}
DB_TESTING: ${{ matrix.DB_TESTING }}
DEVEL_COVER_OPTIONS: -silent,1,+ignore,(^x?t/|^local/|^utils/|\.lttc\$|^/usr/|^/opt/|starman\$\$),-summary,1
JOB_COUNT: 5
LSMB_BASE_URL: http://lsmb:5000
LSMB_NEW_DB: lsmb_test
LSMB_NEW_DB_API: lsmb_test_api
MONITOR_FILE: cpu-memory-usage
PGDB: lsmb_test
PGHOST: localhost
PGPASSWORD: test
PGPORT: 5432
PGUSER: postgres
PSGI_BASE_URL: http://lsmb:5762
RELEASE_TESTING: 1
REMOTE_SERVER_ADDR: 127.0.0.1
SSMTP_FROMLINE_OVERRIDE: YES
SSMTP_HOSTNAME: lsmb
SSMTP_MAILHUB: lsmb:1025
MH_SENDMAIL_SMTP_ADDR: lsmb:1025
UIUSER: Jest
UIPASSWORD: Tester
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Cancel Previous Runs
uses: styfle/cancel-workflow-action@0.11.0
with:
access_token: ${{ github.token }}
- name: Install TinyTex
uses: r-lib/actions/setup-tinytex@v2
- name: Install missing TeX packages
run: |
tlmgr update --self
tlmgr install koma-script
- name: Set host alias (why doesn't Github do it itself)
run: |
hostname -i | awk '{printf("%s lsmb\n",$1)}' | sudo tee -a /etc/hosts
- name: Sendmail
run: |
wget --quiet https://github.com/mailhog/mhsendmail/releases/download/v0.2.0/mhsendmail_linux_amd64
sudo chmod +x mhsendmail_linux_amd64
sudo mv mhsendmail_linux_amd64 /usr/local/bin/sendmail
echo -e "To: you@lsmb\n" \
"Subject: sendmail test\n" \
"From: me@lsmb\n" "\n" \
"And here goes the e-mail body, test test test..\n" | \
sendmail me@test
curl lsmb:8025/api/v2/messages
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- name: Checkout
uses: actions/checkout@v3.1.0
- name: Install GNU gettext
run: sudo apt -q -y install gettext
- name: Create logging directories
run: |
mkdir -p logs/screens
cp doc/conf/ledgersmb.conf.default ledgersmb.conf
sed -i -e 's/db_namespace = public/db_namespace = xyz/' ledgersmb.conf
- name: Setup Perl environment
uses: shogo82148/actions-setup-perl@v1
with:
perl-version: ${{ matrix.perl }}
install-modules-with: cpanm
install-modules: |
Devel::Cover
Devel::Cover::Report::Coveralls
Syntax::Keyword::Try
Syntax::Keyword::Try::Deparse
# Features and Devel modules
install-modules-args: >
--metacpan
--with-develop
--with-feature=starman
--with-feature=latex-pdf-ps
--with-feature=openoffice
--with-feature=xls
--with-feature=edi
- uses: actions/download-artifact@v3
with:
name: webpacked_js
- name: 'Untar Webpacked files'
run: tar -xf webpacked_js.tar
- name: Starting 'nginx'
run: |
nginx -c $GITHUB_WORKSPACE/doc/conf/webserver/nginx-github.conf \
-p $GITHUB_WORKSPACE &
# This will start a hub and JOB_COUNT matrix.
- name: Starting hub with ${{ matrix.BROWSER }}
run: |
docker-compose --log-level CRITICAL \
--file=utils/selenium/docker-compose.yml \
--file=utils/selenium/docker-compose-${{ matrix.BROWSER }}.yml \
up \
--detach \
--scale ${{ matrix.BROWSER }}=$JOB_COUNT \
- name: Setup coverage
run: |
echo "PERL5LIB=$GITHUB_WORKSPACE/local/lib/perl5/x86_64-linux:$PERL5LIB" >> $GITHUB_ENV
echo "PERL5OPT=-MSyntax::Keyword::Try::Deparse -MDevel::Cover=${{ env.DEVEL_COVER_OPTIONS }}" >> $GITHUB_ENV
echo "YATH_DEVEL_COVER_OPTIONS=--cover=\"${{ env.DEVEL_COVER_OPTIONS }}\"" >> $GITHUB_ENV
echo "JOB_COUNT=2" >> $GITHUB_ENV
echo "UITESTS=--coverage" >> $GITHUB_ENV
if: ${{ matrix.COVERAGE }}
- name: Starting 'starman'
run: |
PERL5OPT="$PERL5OPT $STARMAN_DEVEL_COVER_OPTIONS" \
starman --preload-app --pid starman.pid --workers $JOB_COUNT \
--max-requests 5000 --error-log logs/starman-error.log \
-Ilib -Iold/lib --port 5762 bin/ledgersmb-server.psgi &
# Fix the condition to debug
- name: Setup upterm session
uses: mxschmitt/action-tmate@v3
if: ${{ matrix.BROWSER == 'chrome' && 0 }}
# Do API Tests
- uses: actions/download-artifact@v3
with:
name: node_modules
- name: 'Untar node modules'
run: tar -xf node_modules.tar
- name: Run API tests
run: |
PERL5LIB="lib:old/lib:$PERL5LIB" make jstest TESTS="$UITESTS"
# Do perl tests
- name: Run Perl tests
run: |
make devtest TESTS="$TESTS --no-progress --job-count $JOB_COUNT $YATH_DEVEL_COVER_OPTIONS t xt"
env:
LSMB_TEST_DB: 1
COA_TESTING: ${{ matrix.COA_TESTING }}
COVERAGE: ${{ matrix.COVERAGE }}
DB_TESTING: ${{ matrix.DB_TESTING }}
# Send UI coverage before Perl
- name: Upload UI coverage data
uses: coverallsapp/github-action@1.1.3
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
flag-name: ui
parallel: true
path-to-lcov: ${{ github.workspace }}/coverage/lcov.info
if: ${{ matrix.COVERAGE }}
# Upload coverage data if needed
- name: Upload coverage data
run: |
unset PERL5OPT
cover -report coveralls
cover -report text > logs/coverage.txt
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COVERALLS_FLAG_NAME: perl
COVERALLS_PARALLEL: true
if: ${{ matrix.COVERAGE }}
- name: Close parallel UI coverage data
uses: coverallsapp/github-action@1.1.3
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
parallel-finished: true
path-to-lcov: ${{ github.workspace }}/coverage/lcov.info
if: ${{ matrix.COVERAGE }}
# Send logs & artifacts
- name: Collect docker logs
uses: jwalton/gh-docker-logs@v2
with:
dest: 'logs/docker-logs'
if: always()
- name: Archive production artifacts
uses: actions/upload-artifact@v3
with:
name: logs-and-screens ${{ matrix.perl }} ${{ matrix.BROWSER }}
path: |
logs/**
/tmp/nginx*.log
if: always()
build-dev:
if: github.event.action == 'closed' && github.event.pull_request.merged == true
runs-on: ubuntu-latest
needs: build
steps:
- name: Checkout
uses: actions/checkout@v3.1.0
- name: Check if merge must trigger
id: pr_trigger
shell: bash
run: |
URL="https://api.github.com/repos/${{ github.repository }}/commits/${{ github.sha }}"
FILES=$(curl -s -X GET -G $URL | jq -r '.files[].filename')
if echo $FILES | grep -q "cpanfile"; then
echo ::set-output name=MUST_TRIGGER::1
fi
- name: Repository Dispatch to the Development image
uses: peter-evans/repository-dispatch@v2
with:
token: ${{ secrets.DOCKER_TOKEN }}
repository: ${{ github.repository_owner }}/ledgersmb-dev-docker
event-type: master-updated
client-payload: '{"ref": "${{ github.ref }}", "sha": "${{ github.sha }}"}'
if: steps.pr_trigger.outputs.MUST_TRIGGER