Skip to content

Upgrade due to sec vul #257

Upgrade due to sec vul

Upgrade due to sec vul #257

Workflow file for this run

name: proTES checks
on:
push:
branches: [dev]
pull_request:
branches: [dev]
jobs:
lint:
name: Run linting
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Install requirements
run: |
pip install .
pip install -r requirements_dev.txt
- name: Lint with Flake8
run: flake8 pro_tes/ setup.py
- name: Lint with Pylint
run: pylint pro_tes/ setup.py
- name: Type check with mypy
run: mypy pro_tes/
test:
name: Run tests
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Install requirements
run: |
pip install .
pip install -r requirements_dev.txt
curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
- name: Deploy app
run: docker-compose up -d --build
- name: Wait for app startup
run: sleep 20
- name: Run integration tests
shell: bash
run: pytest tests/test_integration
- name: Tear down app
run: docker-compose down
publish:
name: Build and publish app image
runs-on: ubuntu-latest
if: ${{ github.event_name == 'push' }}
needs: [lint, test]
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Generate tag
run: |
echo "TAG=$(date '+%Y%m%d')" >> $GITHUB_ENV
- name: Build and publish image
id: docker
uses: philips-software/[email protected]
with:
dockerfile: .
image-name: "protes"
tags: "latest ${{ env.TAG }}"
push-branches: "${{ github.event.repository.default_branch }}"
env:
REGISTRY_USERNAME: ${{ secrets.DOCKERHUB_LOGIN }}
REGISTRY_TOKEN: "${{ secrets.DOCKERHUB_TOKEN }}"
DOCKER_ORGANIZATION: ${{ secrets.DOCKERHUB_ORG }}
GITHUB_ORGANIZATION: ${{ github.repository_owner }}
- name: Verify that image was pushed
run: |
echo "Push indicator: ${{ steps.docker.outputs.push-indicator }}"
echo "# Set to 'true' if image was pushed, empty string otherwise"
test "${{ steps.docker.outputs.push-indicator }}" == "true"