[Snyk] Security upgrade requests from 2.28.2 to 2.32.2 #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Based on https://github.com/aptly-dev/aptly/blob/master/.travis.yml | |
name: CI | |
on: | |
pull_request: | |
push: | |
tags: | |
- 'v*' | |
branches: | |
- 'master' | |
defaults: | |
run: | |
# see: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#using-a-specific-shell | |
shell: bash --noprofile --norc -eo pipefail -x {0} | |
env: | |
DEBIAN_FRONTEND: noninteractive | |
jobs: | |
build: | |
name: test | |
runs-on: ubuntu-22.04 | |
continue-on-error: false | |
timeout-minutes: 30 | |
env: | |
NO_FTP_ACCESS: yes | |
BOTO_CONFIG: /dev/null | |
GO111MODULE: "on" | |
GOPROXY: "https://proxy.golang.org" | |
GOVER: '1.21' | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
- name: Setup Go | |
uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ env.GOVER }} | |
- name: Get aptly version | |
run: | | |
make version | |
go generate | |
- name: Setup Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: '3.11' | |
- name: Install O/S packages | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y graphviz gnupg2 gpgv2 git gcc make | |
- name: Install Python packages | |
run: | | |
pip install six packaging appdirs virtualenv | |
pip install -U pip setuptools | |
pip install -r system/requirements.txt | |
- name: Install Azurite | |
id: azuright | |
uses: potatoqualitee/[email protected] | |
with: | |
directory: ${{ runner.temp }} | |
- name: Make | |
env: | |
RUN_LONG_TESTS: 'yes' | |
AZURE_STORAGE_ENDPOINT: "http://127.0.0.1:10000/devstoreaccount1" | |
AZURE_STORAGE_ACCOUNT: "devstoreaccount1" | |
AZURE_STORAGE_ACCESS_KEY: "Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==" | |
run: | | |
COVERAGE_DIR=${{ runner.temp }} make | |
- name: Merge code coverage | |
run: | | |
go install github.com/wadey/gocovmerge@latest | |
~/go/bin/gocovmerge unit.out ${{ runner.temp }}/*.out > coverage.txt | |
- name: Upload code coverage | |
uses: codecov/codecov-action@v2 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: coverage.txt | |
release: | |
needs: build | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
name: [Ubuntu-20, Ubuntu-22, Debian-10, Debian-11, Debian-12] | |
include: | |
- name: Ubuntu-20 | |
image: "ubuntu:20.04" | |
suite: focal | |
GOVER: '1.21' | |
install: "make ca-certificates git curl" | |
- name: Ubuntu-22 | |
image: "ubuntu:22.04" | |
suite: jammy | |
install: "make ca-certificates git curl golang" | |
- name: Debian-10 | |
image: "debian:buster" | |
suite: buster | |
GOVER: '1.21' | |
install: "make ca-certificates git curl" | |
- name: Debian-11 | |
image: "debian:bullseye" | |
suite: bullseye | |
GOVER: '1.21' | |
install: "make ca-certificates git curl" | |
- name: Debian-12 | |
image: "debian:bookworm" | |
suite: bookworm | |
install: "make ca-certificates git curl golang" | |
container: | |
image: ${{ matrix.image }} | |
env: | |
APT_LISTCHANGES_FRONTEND: none | |
DEBIAN_FRONTEND: noninteractive | |
steps: | |
- name: Install O/S packages | |
run: | | |
apt-get update | |
apt-get install -y --no-install-recommends ${{ matrix.install }} | |
git config --global --add safe.directory "$GITHUB_WORKSPACE" | |
echo GOVER: ${{ env.GOVER }} | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
# fetch the whole repo for `git describe` to | |
# work and get the nightly verion | |
fetch-depth: 0 | |
- name: Setup Go | |
if: ${{ matrix.GOVER != '' }} | |
uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ matrix.GOVER }} | |
- name: Make Release | |
env: | |
GOBIN: /usr/local/bin | |
run: | | |
make release | |
- name: Publish nightly release to aptly | |
if: github.ref == 'refs/heads/master' | |
env: | |
APTLY_USER: ${{ secrets.APTLY_USER }} | |
APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }} | |
run: | | |
./upload-artifacts.sh nightly ${{ matrix.suite }} | |
- name: Publish release to aptly | |
if: startsWith(github.event.ref, 'refs/tags') | |
env: | |
APTLY_USER: ${{ secrets.APTLY_USER }} | |
APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }} | |
run: | | |
./upload-artifacts.sh release ${{ matrix.suite }} |