forked from intel/cve-bin-tool
-
Notifications
You must be signed in to change notification settings - Fork 0
79 lines (63 loc) · 2.76 KB
/
update-js-dependencies.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
# This is a scheduled workflow to keep hardcoded JS dependencies up to date
name: Update JS dependencies
on:
schedule:
# Runs at 00:00 UTC on the 2nd January of every year
- cron: '0 0 2 1 *'
# Allows you to run this workflow manually
workflow_dispatch:
permissions:
contents: read
jobs:
update:
permissions:
contents: write # for peter-evans/create-pull-request to create branch
pull-requests: write # for peter-evans/create-pull-request to create a PR
runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.11'
- name: Update JS dependencies
run: python .github/workflows/update_js_dependencies.py
- name: Get cached Python packages
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
restore-keys: |
${{ runner.os }}-pip-
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install --upgrade setuptools wheel
python -m pip install --upgrade . pytest-xdist pytest-playwright
python -m playwright install chromium --with-deps
- name: Run HTML tests
run: python -m pytest -v -n auto test/test_html.py
- name: Create Pull Request
uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
with:
commit-message: "chore: update js dependencies"
title: "chore: update js dependencies"
branch: chore-js-dependencies
delete-branch: true
author: GitHub <[email protected]>
body: |
Check generated HTML report for any regressions [here][1].
[1]: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
- name: Generate mock report
run: |
python -c 'from test.test_output_engine import TestOutputEngine; \
from cve_bin_tool.output_engine.html import output_html; \
output_html(TestOutputEngine.MOCK_OUTPUT, None, "", "", "", 3, 3, 0, None, None, open("test.html", "w"))'
- name: Upload mock report
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: HTML report
path: test.html