Skip to content

[Snyk] Security upgrade docker from dind to 26.1.4-dind-alpine3.20 #480

[Snyk] Security upgrade docker from dind to 26.1.4-dind-alpine3.20

[Snyk] Security upgrade docker from dind to 26.1.4-dind-alpine3.20 #480

Workflow file for this run

---
name: build-pipeline
on:
pull_request:
branches:
- master
defaults:
run:
shell: bash
jobs:
shell-checker:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: checking syntax of shell script
run: bash -c 'shopt -s globstar nullglob; shellcheck **/*.{sh,ksh,bash}' || true
gitleaks-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Run GitLeaks
run: |
wget https://github.com/gitleaks/gitleaks/releases/download/v8.18.2/gitleaks_8.18.2_linux_x64.tar.gz && \
tar -zxvf gitleaks_8.18.2_linux_x64.tar.gz && \
sudo mv gitleaks /usr/local/bin && gitleaks detect --source . -v
changes:
runs-on: ubuntu-latest
# Set job outputs to values from filter step
# this is done to run the selective jobs based on the code change
outputs:
kafka-deployer: ${{ steps.filter.outputs.kafka-deployer }}
forkbomb: ${{ steps.filter.outputs.forkbomb }}
fio: ${{ steps.filter.outputs.fio }}
mysql-client: ${{ steps.filter.outputs.mysql-client }}
sysbench-client: ${{ steps.filter.outputs.sysbench-client }}
tpcc-client: ${{ steps.filter.outputs.tpcc-client }}
stress-ng: ${{ steps.filter.outputs.stress-ng }}
mongo-client: ${{ steps.filter.outputs.mongo-client }}
postgres-client: ${{ steps.filter.outputs.postgres-client }}
custom-client: ${{ steps.filter.outputs.custom-client }}
logger: ${{ steps.filter.outputs.logger }}
dd-client: ${{ steps.filter.outputs.dd-client }}
memleak: ${{ steps.filter.outputs.memleak }}
elasticsearch-stress: ${{ steps.filter.outputs.elasticsearch-stress }}
kafka-client: ${{ steps.filter.outputs.kafka-client }}
memory-stress: ${{ steps.filter.outputs.memory-stress }}
nfs-client: ${{ steps.filter.outputs.nfs-client }}
cassandra-client: ${{ steps.filter.outputs.cassandra-client }}
litmus-app-deployer: ${{ steps.filter.outputs.litmus-app-deployer }}
litmus-qps-cmd: ${{ steps.filter.outputs.litmus-qps-cmd }}
container-killer: ${{ steps.filter.outputs.container-killer }}
litmus-git-app-checker: ${{ steps.filter.outputs.litmus-git-app-checker }}
litmus-k8s: ${{ steps.filter.outputs.litmus-k8s }}
litmus-curl: ${{ steps.filter.outputs.litmus-curl }}
litmus-checker: ${{ steps.filter.outputs.litmus-checker }}
litmus-argocli: ${{ steps.filter.outputs.litmus-argocli }}
workflow-controller: ${{ steps.filter.outputs.workflow-controller }}
argoexec: ${{ steps.filter.outputs.argoexec }}
mongo: ${{ steps.filter.outputs.mongo }}
litmus-pg-load: ${{ steps.filter.outputs.litmus-pg-load }}
litmus-experiment-hardened-alpine: ${{ steps.filter.outputs.litmus-experiment-hardened-alpine }}
litmus-infra-hardened-alpine: ${{ steps.filter.outputs.litmus-infra-hardened-alpine }}
litmus-pg-jmeter: ${{ steps.filter.outputs.litmus-pg-jmeter }}
mongo-utils: ${{ steps.filter.outputs.mongo-utils }}
litmusctl: ${{ steps.filter.outputs.litmusctl }}
litmus-redis-load: ${{ steps.filter.outputs.litmus-redis-load }}
litmus-helm-agent: ${{ steps.filter.outputs.litmus-helm-agent }}
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- uses: dorny/paths-filter@v2
id: filter
with:
filters: |
forkbomb:
- 'resource_stress/forkbomb/**'
fio:
- 'io_tools/fio/**'
mysql-client:
- 'app_clients/mysql-client/**'
sysbench-client:
- 'io_tools/sysbench/**'
tpcc-client:
- 'io_tools/tpcc/**'
stress-ng:
- 'resource_stress/stress-ng/**'
mongo-client:
- 'app_clients/mongo-client/**'
postgres-client:
- 'app_clients/postgres-client/**'
custom-client:
- 'custom/custom-client/**'
litmus-checker:
- 'custom/litmus-checker/**'
litmus-experiment-hardened-alpine:
- 'custom/hardened-alpine/experiment/**'
litmus-infra-hardened-alpine:
- 'custom/hardened-alpine/infra/**'
logger:
- 'log_utils/logger/**'
dd-client:
- 'io_tools/dd/**'
memleak:
- 'resource_stress/memleak/**'
elasticsearch-stress:
- 'app_clients/elasticsearch-stress/**'
kafka-client:
- 'app_clients/kafka-client/**'
nfs-client:
- 'app_clients/nfs-client/**'
cassandra-client:
- 'app_clients/cassandra-client/**'
litmus-app-deployer:
- 'custom/workflow-helper/app-deployer/**'
litmus-qps-cmd:
- 'custom/workflow-helper/app-qps-test/**'
container-killer:
- 'containerd/crictl/**'
litmus-git-app-checker:
- 'custom/workflow-helper/app-checker/**'
litmus-k8s:
- 'custom/k8s/**'
litmus-curl:
- 'custom/curl/**'
litmus-argocli:
- 'custom/argo-server/**'
workflow-controller:
- 'custom/argo-workflow-controller/**'
argoexec:
- 'custom/argo-workflow-executor/**'
mongo:
- 'custom/mongo/**'
kafka-deployer:
- 'custom/app-setup/kafka/**'
litmus-pg-load:
- 'custom/workflow-helper/postgres-helper/load-test/**'
litmus-pg-jmeter:
- 'custom/workflow-helper/postgres-helper/jmeter/**'
mongo-utils:
- 'custom/mongo-utils/**'
litmusctl:
- 'custom/litmusctl/**'
litmus-redis-load:
- 'custom/workflow-helper/redis-helper/load-gen/**'
litmus-helm-agent:
- 'custom/litmus-helm-agent/**'
litmus-app-deployer:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-app-deployer == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-app-deployer image
run: make litmus-app-deployer
litmus-qps-cmd:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-qps-cmd == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-qps-cmd image
run: make litmus-qps-cmd
litmus-checker:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-checker == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-checker image
run: make litmus-checker
litmus-infra-hardened-alpine:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-infra-hardened-alpine == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-infra-hardened-alpine image
run: make litmus-infra-hardened-alpine
litmus-experiment-hardened-alpine:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-experiment-hardened-alpine == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-experiment-hardened-alpine image
run: make litmus-experiment-hardened-alpine
litmus-git-app-checker:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-git-app-checker == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-git-app-checker image
run: make litmus-git-app-checker
litmus-k8s:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-k8s == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-k8s image
run: make litmus-k8s
litmus-curl:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-curl == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-curl image
run: make litmus-curl
kafka-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.kafka-client == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building kafka-client image
run: make kafka-client
cassandra-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.cassandra-client == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building cassandra-client image
run: make cassandra-client
litmus-argocli:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-argocli == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-argocli image
run: make litmus-argocli
litmus-argo-workflow-controller:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.workflow-controller == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building workflow-controller image
run: make litmus-argo-workflow-controller
litmus-argo-workflow-executor:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.argoexec == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building argoexec image
run: make litmus-argo-workflow-executor
mongo:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.mongo == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building mongo image
run: make litmus-mongo
kafka-deployer:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.kafka-deployer == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building kafka-deployer image
run: make litmus-kafka-deployer
mysql-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.mysql-client == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building mysql-client image
run: make mysql-client
sysbench-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.sysbench-client == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building sysbench-client image
run: make sysbench
tpcc-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.tpcc-client == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building tpcc-client image
run: make tpcc
stress-ng:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.stress-ng == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building stress-ng image
run: make stress-ng
mongo-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.mongo-client == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building mongo-client image
run: make mongo-client
postgres-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.postgres-client == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building postgres-client image
run: make postgres-client
custom-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.custom-client == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building custom-client image
run: make custom-client
logger:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.logger == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building logger image
run: make logger
dd-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.dd-client == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building dd-client image
run: make dd
memleak:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.memleak == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building memleak image
run: make memleak
elasticsearch-stress:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.elasticsearch-stress == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building elasticsearch-stress image
run: make elasticsearch-stress
memory-stress:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.memory-stress == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building memory-stress image
run: make memory-stress
nfs-client:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.nfs-client == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building nfs-client image
run: make nfs-client
container-killer:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.container-killer == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building container-killer image
run: make container-killer
forkbomb:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.forkbomb == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building forkbomb image
run: make forkbomb
fio:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.fio == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building fio image
run: make fio
litmus-pg-load:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-pg-load == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-pg-load image
run: make litmus-pg-load
litmus-pg-jmeter:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-pg-jmeter == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-pg-jmeter image
run: make litmus-pg-jmeter
mongo-utils:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.mongo-utils == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building mongo-utils image
run: |
make litmus-mongo-utils
litmusctl:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmusctl == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmusctl image
run: |
make litmusctl
litmus-redis-load:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-redis-load == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-redis-load image
run: |
make litmus-redis-load
litmus-helm-agent:
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.litmus-helm-agent == 'true'
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Building litmus-helm-agent image
run: |
make docker.buildx
make litmus-helm-agent