[stable30] fix(security): Update CA certificate bundle #12329
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow is provided via the organization template repository | |
# | |
# https://github.com/nextcloud/.github | |
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization | |
# | |
# SPDX-FileCopyrightText: 2022-2024 Nextcloud GmbH and Nextcloud contributors | |
# SPDX-License-Identifier: MIT | |
name: PHPUnit PostgreSQL | |
on: | |
pull_request: | |
schedule: | |
- cron: "5 2 * * *" | |
permissions: | |
contents: read | |
concurrency: | |
group: phpunit-pgsql-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
changes: | |
runs-on: ubuntu-latest-low | |
outputs: | |
src: ${{ steps.changes.outputs.src }} | |
steps: | |
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
id: changes | |
continue-on-error: true | |
with: | |
filters: | | |
src: | |
- '.github/workflows/**' | |
- '3rdparty/**' | |
- '**/appinfo/**' | |
- '**/lib/**' | |
- '**/templates/**' | |
- '**/tests/**' | |
- 'vendor/**' | |
- 'vendor-bin/**' | |
- '.php-cs-fixer.dist.php' | |
- 'composer.json' | |
- 'composer.lock' | |
- '**.php' | |
phpunit-pgsql: | |
runs-on: ubuntu-latest | |
needs: changes | |
if: needs.changes.outputs.src != 'false' | |
strategy: | |
matrix: | |
php-versions: ['8.1'] | |
# To keep the matrix smaller we ignore PostgreSQL '13', '14', and '15' as we already test 12 and 16 as lower and upper bound | |
postgres-versions: ['12', '16'] | |
include: | |
- php-versions: '8.3' | |
postgres-versions: '16' | |
coverage: ${{ github.event_name != 'pull_request' }} | |
name: PostgreSQL ${{ matrix.postgres-versions }} (PHP ${{ matrix.php-versions }}) - database tests | |
services: | |
cache: | |
image: ghcr.io/nextcloud/continuous-integration-redis:latest | |
ports: | |
- 6379:6379/tcp | |
options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3 | |
postgres: | |
image: ghcr.io/nextcloud/continuous-integration-postgres-${{ matrix.postgres-versions }}:latest | |
ports: | |
- 4444:5432/tcp | |
env: | |
POSTGRES_USER: root | |
POSTGRES_PASSWORD: rootpassword | |
POSTGRES_DB: nextcloud | |
options: --mount type=tmpfs,destination=/var/lib/postgresql/data --health-cmd pg_isready --health-interval 5s --health-timeout 2s --health-retries 5 | |
steps: | |
- name: Checkout server | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
with: | |
submodules: true | |
- name: Set up php ${{ matrix.php-versions }} | |
uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1 | |
with: | |
php-version: ${{ matrix.php-versions }} | |
# https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation | |
extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, pgsql, pdo_pgsql | |
coverage: ${{ matrix.coverage && 'xdebug' || 'none' }} | |
ini-file: development | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up dependencies | |
run: composer i | |
- name: Set up Nextcloud | |
env: | |
DB_PORT: 4444 | |
run: | | |
mkdir data | |
cp tests/redis.config.php config/ | |
cp tests/preseed-config.php config/config.php | |
./occ maintenance:install --verbose --database=pgsql --database-name=nextcloud --database-host=127.0.0.1 --database-port=$DB_PORT --database-user=root --database-pass=rootpassword --admin-user admin --admin-pass admin | |
php -f tests/enable_all.php | grep -i -C9999 error && echo "Error during app setup" && exit 1 || exit 0 | |
- name: PHPUnit database tests | |
run: composer run test:db ${{ matrix.coverage && ' -- --coverage-clover ./clover.db.xml' || '' }} | |
- name: Upload db code coverage | |
if: ${{ !cancelled() && matrix.coverage }} | |
uses: codecov/[email protected] | |
with: | |
files: ./clover.db.xml | |
flags: phpunit-postgres | |
- name: Run repair steps | |
run: | | |
./occ maintenance:repair --include-expensive | |
- name: Print logs | |
if: always() | |
run: | | |
cat data/nextcloud.log | |
summary: | |
permissions: | |
contents: none | |
runs-on: ubuntu-latest-low | |
needs: [changes, phpunit-pgsql] | |
if: always() | |
name: phpunit-pgsql-summary | |
steps: | |
- name: Summary status | |
run: if ${{ needs.changes.outputs.src != 'false' && needs.phpunit-pgsql.result != 'success' }}; then exit 1; fi |