Skip to content

Add client tool to get CVE for installed packages #151

Add client tool to get CVE for installed packages

Add client tool to get CVE for installed packages #151

Workflow file for this run

name: build
on:
pull_request:
push:
branches:
- main
permissions:
# Checkout repository
contents: read
# Push container images
packages: write
jobs:
build:
runs-on: ubuntu-latest
services:
postgres:
image: postgres
env:
POSTGRES_USER: glvd_test
POSTGRES_PASSWORD: password
ports:
- 5432:5432
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build image for tests
id: build
uses: docker/build-push-action@v5
with:
file: Containerfile
load: true
- name: Run flake8
if: success() || failure()
# flake8 is broken right now: https://bugs.debian.org/1057968
continue-on-error: true
run: >
docker run
--network host
--rm
--entrypoint ''
--workdir /usr/local/src
${{ steps.build.outputs.imageid }}
/bin/sh -c 'apt-get install -y flake8 && flake8'
- name: Run py.test
if: success() || failure()
run: >
docker run
--network host
--rm
--entrypoint ''
--workdir /usr/local/src
--env PGUSER=glvd_test
--env PGPASSWORD=password
${{ steps.build.outputs.imageid }}
/bin/sh -c 'apt-get install -y python3-pytest python3-pytest-asyncio python3-requests-mock && py.test'
- name: Run mypy
if: success() || failure()
run: >
docker run
--network host
--rm
--entrypoint ''
--workdir /usr/local/src
${{ steps.build.outputs.imageid }}
/bin/sh -c 'apt-get install -y mypy python3-pytest && mypy --show-error-codes .'
- name: Docker meta
id: meta
if: ${{ github.event_name != 'pull_request' }}
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/${{ github.repository }}
tags: |
type=edge
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
- name: Login to GitHub Container Registry
if: ${{ github.event_name != 'pull_request' }}
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push image
if: ${{ github.event_name != 'pull_request' }}
uses: docker/build-push-action@v5
with:
platforms: linux/amd64,linux/arm64
file: Containerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}