Audit #197

Workflow file for this run

	name: Audit

	on:
	schedule:
	- cron: '30 2 * * *'

	jobs:
	audit:
	name: Audit
	runs-on: ubuntu-22.04
	timeout-minutes: 10

	strategy:
	fail-fast: false
	matrix:
	branch:
	- '2.1'
	- '2.2'
	- '2.3'

	steps:
	# Remove Python packages with wrong version
	- run: sudo apt-get remove python3-debian python3-distro-info
	- name: Install packages
	run: sudo apt-get install --yes gettext libgeos-dev
	- uses: actions/checkout@v4
	with:
	ref: ${{ matrix.branch }}

	token: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
	- uses: camptocamp/initialise-gopass-summon-action@v2
	with:
	ci-gpg-private-key: ${{secrets.CI_GPG_PRIVATE_KEY}}
	github-gopass-ci-token: ${{secrets.GOPASS_CI_GITHUB_TOKEN}}

	- run: python3 -m venv ~/.venv
	- run: ~/.venv/bin/pip install --pre c2cciutils[audit]

	- name: Check .tool-versions file existence
	id: tool-versions
	uses: andstor/file-existence-action@v3
	with:
	files: .tool-versions
	- uses: asdf-vm/actions/install@v3
	if: steps.tool-versions.outputs.files_exists == 'true'
	- run: cat /tmp/python-build.*.log
	if: failure()
	- run: python --version

	- name: Snyk audit
	run: ~/.venv/bin/c2cciutils-audit --branch=${{ matrix.branch }}
	env:
	GITHUB_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
	- name: Debug Snyk audit
	run: ~/.venv/bin/c2cciutils-audit --branch=${{ matrix.branch }} \|\| true
	env:
	DEBUG: 'snyk'

	GITHUB_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
	if: failure()
	- name: Update dpkg packages versions
	run: ~/.venv/bin/c2cciutils-docker-versions-update --branch=${{ matrix.branch }}
	env:
	GITHUB_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
	if: steps.dpkg-versions.outputs.files_exists == 'true'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Audit #197

Workflow file

Audit #197

Jobs

Run details

Workflow file for this run