Add client tool to get CVE for installed packages #151
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
permissions: | |
# Checkout repository | |
contents: read | |
# Push container images | |
packages: write | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
services: | |
postgres: | |
image: postgres | |
env: | |
POSTGRES_USER: glvd_test | |
POSTGRES_PASSWORD: password | |
ports: | |
- 5432:5432 | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Build image for tests | |
id: build | |
uses: docker/build-push-action@v5 | |
with: | |
file: Containerfile | |
load: true | |
- name: Run flake8 | |
if: success() || failure() | |
# flake8 is broken right now: https://bugs.debian.org/1057968 | |
continue-on-error: true | |
run: > | |
docker run | |
--network host | |
--rm | |
--entrypoint '' | |
--workdir /usr/local/src | |
${{ steps.build.outputs.imageid }} | |
/bin/sh -c 'apt-get install -y flake8 && flake8' | |
- name: Run py.test | |
if: success() || failure() | |
run: > | |
docker run | |
--network host | |
--rm | |
--entrypoint '' | |
--workdir /usr/local/src | |
--env PGUSER=glvd_test | |
--env PGPASSWORD=password | |
${{ steps.build.outputs.imageid }} | |
/bin/sh -c 'apt-get install -y python3-pytest python3-pytest-asyncio python3-requests-mock && py.test' | |
- name: Run mypy | |
if: success() || failure() | |
run: > | |
docker run | |
--network host | |
--rm | |
--entrypoint '' | |
--workdir /usr/local/src | |
${{ steps.build.outputs.imageid }} | |
/bin/sh -c 'apt-get install -y mypy python3-pytest && mypy --show-error-codes .' | |
- name: Docker meta | |
id: meta | |
if: ${{ github.event_name != 'pull_request' }} | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
ghcr.io/${{ github.repository }} | |
tags: | | |
type=edge | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=semver,pattern={{major}} | |
- name: Login to GitHub Container Registry | |
if: ${{ github.event_name != 'pull_request' }} | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and push image | |
if: ${{ github.event_name != 'pull_request' }} | |
uses: docker/build-push-action@v5 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
file: Containerfile | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} |