fix for CVE-2022-46751 #25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: PR Build | |
on: [ pull_request ] | |
env: | |
GRADLE_OPTS: -Dorg.gradle.daemon=false -Xmx2g -Xms2g | |
GRADLE_ARGS: -x :kayenta-integration-tests:test | |
CONTAINER_REGISTRY: us-docker.pkg.dev/spinnaker-community/docker | |
jobs: | |
integration-tests: | |
name: Integration-tests | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
tests: | |
['Management', 'Swagger'] | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v2 | |
- name: Gradle validation step | |
uses: gradle/wrapper-validation-action@v1 | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v2 | |
with: | |
java-version: 11 | |
distribution: 'zulu' | |
cache: 'gradle' | |
- name: Run Integration Test | |
run: | | |
./gradlew kayenta-integration-tests:test --tests ${{ matrix.tests }}Test | |
provider-integration-tests: | |
name: Provider-Integration-tests | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
provider: ['Prometheus', 'Graphite'] | |
test: ['canaryAnalysisIsSuccessful', 'canaryAnalysisIsFailed'] | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v2 | |
- name: Gradle validation step | |
uses: gradle/wrapper-validation-action@v1 | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v2 | |
with: | |
java-version: 11 | |
distribution: 'zulu' | |
cache: 'gradle' | |
- name: Run Provider Integration Test | |
run: | | |
./gradlew kayenta-integration-tests:test --tests ${{ matrix.provider }}StandaloneCanaryAnalysisTest.${{ matrix.test }} | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- uses: actions/setup-java@v2 | |
with: | |
java-version: 11 | |
distribution: 'zulu' | |
cache: 'gradle' | |
- name: Prepare build variables | |
id: build_variables | |
run: | | |
echo ::set-output name=REPO::${GITHUB_REPOSITORY##*/} | |
echo ::set-output name=VERSION::"$(git describe --tags --abbrev=0 --match="v[0-9]*" | cut -c2-)-dev-pr-${GITHUB_SHA::8}-$(date --utc +'%Y%m%d%H%M')" | |
- name: Build | |
env: | |
ORG_GRADLE_PROJECT_version: ${{ steps.build_variables.outputs.VERSION }} | |
run: ./gradlew build ${{ steps.build_variables.outputs.REPO }}-web:installDist $GRADLE_ARGS | |
- name: Build slim container image | |
uses: docker/build-push-action@v3 | |
with: | |
context: . | |
file: Dockerfile.slim | |
platforms: linux/amd64,linux/arm64 | |
tags: | | |
"${{ env.CONTAINER_REGISTRY }}/${{ steps.build_variables.outputs.REPO }}:latest" | |
"${{ env.CONTAINER_REGISTRY }}/${{ steps.build_variables.outputs.REPO }}:${{ steps.build_variables.outputs.VERSION }}" | |
"${{ env.CONTAINER_REGISTRY }}/${{ steps.build_variables.outputs.REPO }}:latest-slim" | |
"${{ env.CONTAINER_REGISTRY }}/${{ steps.build_variables.outputs.REPO }}:${{ steps.build_variables.outputs.VERSION }}-slim" | |
- name: Build ubuntu container image | |
uses: docker/build-push-action@v3 | |
with: | |
context: . | |
file: Dockerfile.ubuntu | |
platforms: linux/amd64,linux/arm64 | |
tags: | | |
"${{ env.CONTAINER_REGISTRY }}/${{ steps.build_variables.outputs.REPO }}:latest-ubuntu" | |
"${{ env.CONTAINER_REGISTRY }}/${{ steps.build_variables.outputs.REPO }}:${{ steps.build_variables.outputs.VERSION }}-ubuntu" |