Skip to content

Update few security related issues #197

Update few security related issues

Update few security related issues #197

Workflow file for this run

name: CI
env:
PYTHON_VERSION: "3.8"
GO_VERSION: "1.19"
on:
push:
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: "true"
- name: Setup Docker
uses: docker-practice/actions-setup-docker@master
- name: Setup go
uses: actions/setup-go@v4
with:
go-version: "1.17.9"
- name: Install deps
run: |
sudo apt-get update
sudo apt-get -y install make build-essential
go version
go mod download
- name: Build
run: |
pwd
chmod u+x ./ci.sh
./ci.sh build
- name: Get Branch
id: get_branch
run: |
echo "branch=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_OUTPUT
- name: Get Version
id: get_version
run: |
echo "version=v$(head ./version | cut -d' ' -f1)" >> $GITHUB_OUTPUT
env:
GITHUB_TOKEN: ${{ secrets.ENV_GITHUB_PAT }}
- name: Generate Artifacts
run: |
chmod u+x ./ci.sh
./ci.sh gen_artifacts
- uses: actions/upload-artifact@master
with:
name: release-artifact
path: release/
b2b:
needs: build
runs-on: ubuntu-22.04
steps:
- name: Checkout source
uses: actions/checkout@v3
- name: Setup docker
uses: docker-practice/actions-setup-docker@master
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Get Artifacts
uses: actions/download-artifact@master
with:
name: release-artifact
path: release/
- name: Copy Artifacts
run: |
cp release/ixiatg-operator.yaml tests/deployments \
&& cp release/keng-operator.tar.gz tests/deployments \
&& ls tests/deployments
- name: Setup KNE cluster
run: |
GITHUB_USER=${{ secrets.ENV_GITHUB_USER }} GITHUB_PAT=${{ secrets.ENV_GITHUB_PAT }} ./ci.sh create_setup
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Setup Prerequisites
run: |
./ci.sh setup_pre_test
- name: Run Tests
run: |
./ci.sh run_test b2b
- name: Archive logs
if: always()
uses: actions/upload-artifact@v3
with:
name: b2b
path: tests/logs-b2b
- name: Destroy KNE cluster
run: |
./ci.sh destroy_setup
dut:
needs: build
runs-on: ubuntu-22.04
steps:
- name: Checkout source
uses: actions/checkout@v3
- name: Setup docker
uses: docker-practice/actions-setup-docker@master
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Get Artifacts
uses: actions/download-artifact@master
with:
name: release-artifact
path: release/
- name: Copy Artifacts
run: |
cp release/ixiatg-operator.yaml tests/deployments
cp release/keng-operator.tar.gz tests/deployments
- name: Setup KNE cluster
run: |
GITHUB_USER=${{ secrets.ENV_GITHUB_USER }} GITHUB_PAT=${{ secrets.ENV_GITHUB_PAT }} ./ci.sh create_setup
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Setup Prerequisites
run: |
./ci.sh setup_pre_test
- name: Run Tests
run: |
./ci.sh run_test dut
- name: Archive logs
if: always()
uses: actions/upload-artifact@v3
with:
name: dut
path: tests/logs-dut
- name: Destroy KNE cluster
run: |
./ci.sh destroy_setup
lag:
needs: build
runs-on: ubuntu-22.04
steps:
- name: Checkout source
uses: actions/checkout@v3
- name: Setup docker
uses: docker-practice/actions-setup-docker@master
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Get Artifacts
uses: actions/download-artifact@master
with:
name: release-artifact
path: release/
- name: Copy Artifacts
run: |
cp release/ixiatg-operator.yaml tests/deployments
cp release/keng-operator.tar.gz tests/deployments
- name: Setup KNE cluster
run: |
GITHUB_USER=${{ secrets.ENV_GITHUB_USER }} GITHUB_PAT=${{ secrets.ENV_GITHUB_PAT }} ./ci.sh create_setup
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Setup Prerequisites
run: |
./ci.sh setup_pre_test
- name: Run Tests
run: |
./ci.sh run_test lag
- name: Archive logs
if: always()
uses: actions/upload-artifact@v3
with:
name: lag
path: tests/logs-lag
- name: Destroy KNE cluster
run: |
./ci.sh destroy_setup
license:
needs: build
runs-on: ubuntu-22.04
steps:
- name: Checkout source
uses: actions/checkout@v3
- name: Setup docker
uses: docker-practice/actions-setup-docker@master
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Get Artifacts
uses: actions/download-artifact@master
with:
name: release-artifact
path: release/
- name: Copy Artifacts
run: |
cp release/ixiatg-operator.yaml tests/deployments
cp release/keng-operator.tar.gz tests/deployments
- name: Setup KNE cluster
run: |
GITHUB_USER=${{ secrets.ENV_GITHUB_USER }} GITHUB_PAT=${{ secrets.ENV_GITHUB_PAT }} ./ci.sh create_setup
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Setup Prerequisites
run: |
./ci.sh setup_pre_test
- name: Run Tests
run: |
./ci.sh run_test license
- name: Archive logs
if: always()
uses: actions/upload-artifact@v3
with:
name: license
path: tests/logs-license
- name: Destroy KNE cluster
run: |
./ci.sh destroy_setup
liveness:
needs: build
runs-on: ubuntu-22.04
steps:
- name: Checkout source
uses: actions/checkout@v3
- name: Setup docker
uses: docker-practice/actions-setup-docker@master
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Get Artifacts
uses: actions/download-artifact@master
with:
name: release-artifact
path: release/
- name: Copy Artifacts
run: |
cp release/ixiatg-operator.yaml tests/deployments
cp release/keng-operator.tar.gz tests/deployments
- name: Setup KNE cluster
run: |
GITHUB_USER=${{ secrets.ENV_GITHUB_USER }} GITHUB_PAT=${{ secrets.ENV_GITHUB_PAT }} ./ci.sh create_setup
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Setup Prerequisites
run: |
./ci.sh setup_pre_test
- name: Run Tests
run: |
./ci.sh run_test liveness
- name: Archive logs
if: always()
uses: actions/upload-artifact@v3
with:
name: liveness
path: tests/logs-liveness
- name: Destroy KNE cluster
run: |
./ci.sh destroy_setup
miscellaneous:
needs: build
runs-on: ubuntu-22.04
steps:
- name: Checkout source
uses: actions/checkout@v3
- name: Setup docker
uses: docker-practice/actions-setup-docker@master
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Get Artifacts
uses: actions/download-artifact@master
with:
name: release-artifact
path: release/
- name: Copy Artifacts
run: |
cp release/ixiatg-operator.yaml tests/deployments
cp release/keng-operator.tar.gz tests/deployments
- name: Setup KNE cluster
run: |
GITHUB_USER=${{ secrets.ENV_GITHUB_USER }} GITHUB_PAT=${{ secrets.ENV_GITHUB_PAT }} ./ci.sh create_setup
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Setup Prerequisites
run: |
./ci.sh setup_pre_test
- name: Run Tests
run: |
./ci.sh run_test miscellaneous
- name: Archive logs
if: always()
uses: actions/upload-artifact@v3
with:
name: miscellaneous
path: tests/logs-miscellaneous
- name: Destroy KNE cluster
run: |
./ci.sh destroy_setup
negative:
needs: build
runs-on: ubuntu-22.04
steps:
- name: Checkout source
uses: actions/checkout@v3
- name: Setup docker
uses: docker-practice/actions-setup-docker@master
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Get Artifacts
uses: actions/download-artifact@master
with:
name: release-artifact
path: release/
- name: Copy Artifacts
run: |
cp release/ixiatg-operator.yaml tests/deployments
cp release/keng-operator.tar.gz tests/deployments
- name: Setup KNE cluster
run: |
GITHUB_USER=${{ secrets.ENV_GITHUB_USER }} GITHUB_PAT=${{ secrets.ENV_GITHUB_PAT }} ./ci.sh create_setup
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Setup Prerequisites
run: |
./ci.sh setup_pre_test
- name: Run Tests
run: |
./ci.sh run_test negative
- name: Archive logs
if: always()
uses: actions/upload-artifact@v3
with:
name: negative
path: tests/logs-negative
- name: Destroy KNE cluster
run: |
./ci.sh destroy_setup
performance:
needs: build
runs-on: ubuntu-22.04
steps:
- name: Checkout source
uses: actions/checkout@v3
- name: Setup docker
uses: docker-practice/actions-setup-docker@master
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Get Artifacts
uses: actions/download-artifact@master
with:
name: release-artifact
path: release/
- name: Copy Artifacts
run: |
cp release/ixiatg-operator.yaml tests/deployments
cp release/keng-operator.tar.gz tests/deployments
- name: Setup KNE cluster
run: |
GITHUB_USER=${{ secrets.ENV_GITHUB_USER }} GITHUB_PAT=${{ secrets.ENV_GITHUB_PAT }} ./ci.sh create_setup
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Setup Prerequisites
run: |
./ci.sh setup_pre_test
- name: Run Tests
run: |
./ci.sh run_test performance
- name: Archive logs
if: always()
uses: actions/upload-artifact@v3
with:
name: performance
path: tests/logs-performance
- name: Destroy KNE cluster
run: |
./ci.sh destroy_setup
resource:
needs: build
runs-on: ubuntu-22.04
steps:
- name: Checkout source
uses: actions/checkout@v3
- name: Setup docker
uses: docker-practice/actions-setup-docker@master
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Get Artifacts
uses: actions/download-artifact@master
with:
name: release-artifact
path: release/
- name: Copy Artifacts
run: |
cp release/ixiatg-operator.yaml tests/deployments
cp release/keng-operator.tar.gz tests/deployments
- name: Setup KNE cluster
run: |
GITHUB_USER=${{ secrets.ENV_GITHUB_USER }} GITHUB_PAT=${{ secrets.ENV_GITHUB_PAT }} ./ci.sh create_setup
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Setup Prerequisites
run: |
./ci.sh setup_pre_test
- name: Run Tests
run: |
./ci.sh run_test resource
- name: Archive logs
if: always()
uses: actions/upload-artifact@v3
with:
name: resource
path: tests/logs-resource
- name: Destroy KNE cluster
run: |
./ci.sh destroy_setup
rest:
needs: build
runs-on: ubuntu-22.04
steps:
- name: Checkout source
uses: actions/checkout@v3
- name: Setup docker
uses: docker-practice/actions-setup-docker@master
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Get Artifacts
uses: actions/download-artifact@master
with:
name: release-artifact
path: release/
- name: Copy Artifacts
run: |
cp release/ixiatg-operator.yaml tests/deployments
cp release/keng-operator.tar.gz tests/deployments
- name: Setup KNE cluster
run: |
GITHUB_USER=${{ secrets.ENV_GITHUB_USER }} GITHUB_PAT=${{ secrets.ENV_GITHUB_PAT }} ./ci.sh create_setup
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Setup Prerequisites
run: |
./ci.sh setup_pre_test
- name: Run Tests
run: |
./ci.sh run_test rest
- name: Archive logs
if: always()
uses: actions/upload-artifact@v3
with:
name: rest
path: tests/logs-rest
- name: Destroy KNE cluster
run: |
./ci.sh destroy_setup
release:
runs-on: ubuntu-latest
needs: [b2b, dut, lag, license, liveness, miscellaneous, negative, performance, resource, rest]
steps:
- name: Checkout
if: always()
uses: actions/checkout@v4
with:
submodules: "true"
- name: Setup Docker
if: always()
uses: docker-practice/actions-setup-docker@master
- name: Get Branch
if: always()
id: get_branch
run: |
echo "branch=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_OUTPUT
- name: Get Version
id: get_version
run: |
echo "version=v$(head ./version | cut -d' ' -f1)" >> $GITHUB_OUTPUT
- name: Get Artifacts
uses: actions/download-artifact@master
with:
name: release-artifact
path: release/
- name: Check tag for current version
if: always()
uses: mukunku/[email protected]
id: check_tag
with:
tag: ${{ steps.get_version.outputs.version }}
env:
GITHUB_TOKEN: ${{ secrets.ENV_GITHUB_PAT }}
- name: Publishing Artifacts
if: steps.check_tag.outputs.exists == 'false'
run: |
GITHUB_USER=${{ secrets.ENV_GITHUB_USER }} GITHUB_PAT=${{ secrets.ENV_GITHUB_PAT }} ./ci.sh publish ${{ steps.get_branch.outputs.branch }}
- name: Create Release
if: steps.check_tag.outputs.exists == 'false' && steps.get_branch.outputs.branch == 'main'
uses: ncipollo/release-action@v1
with:
artifacts: "release/*"
tag: ${{ steps.get_version.outputs.version }}
token: ${{ secrets.ENV_GITHUB_PAT }}
commit: ${{ github.sha }}