Skip to content

Commit

Permalink
Merge branch 'dev' into snwagh/documentataion-for-dev-with-k8s
Browse files Browse the repository at this point in the history
  • Loading branch information
@snwagh
snwagh committed May 17, 2024
2 parents 37843d6 + 5c739a5 commit 369a8f6
Show file tree
Hide file tree
Showing 99 changed files with 2,708 additions and 2,600 deletions.
11 changes: 0 additions & 11 deletions .dockerignore
View file

This file was deleted.

72 changes: 36 additions & 36 deletions .github/workflows/container-scan.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -274,30 +274,30 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Snyk CLI to check for security issues
# Snyk can be used to break the build when it detects security issues.
# In this case we want to upload the SAST issues to GitHub Code Scanning
uses: snyk/actions/setup@master
env:
# This is where you will need to introduce the Snyk API token created with your Snyk account
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

- name: Snyk auth
shell: bash
run: snyk config set api=$SNYK_TOKEN
env:
# This is where you will need to introduce the Snyk API token created with your Snyk account
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

- name: Snyk Container test
uses: snyk/actions/docker@master
continue-on-error: true
shell: bash
run: snyk container test mongo:7.0.0 --sarif --sarif-file-output=snyk-code.sarif
env:
# This is where you will need to introduce the Snyk API token created with your Snyk account
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
image: mongo:7.0.0
args: --sarif-file-output=snyk-code.sarif

# Replace any "undefined" security severity values with 0. The undefined value is used in the case
# of license-related findings, which do not do not indicate a security vulnerability.
# See https://github.com/github/codeql-action/issues/2187 for more context.
- name: Post-process sarif output
run: |
sed -i 's/"security-severity": "undefined"/"security-severity": "0"/g' snyk-code.sarif
# Replace any "null" security severity values with 0. The undefined value is used in the case
# the NVD CVSS Score is not available.
# See https://github.com/Erikvl87/docker-languagetool/issues/90 and https://github.com/github/codeql-action/issues/2187 for more context.
- name: Post-process sarif output for security severities set to "null"
run: |
sed -i 's/"security-severity": "null"/"security-severity": "0"/g' snyk-code.sarif
# Push the Snyk Code results into GitHub Code Scanning tab
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v3
with:
Expand Down Expand Up @@ -352,29 +352,29 @@ jobs:
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Snyk CLI to check for security issues
# Snyk can be used to break the build when it detects security issues.
# In this case we want to upload the SAST issues to GitHub Code Scanning
uses: snyk/actions/setup@master
env:
# This is where you will need to introduce the Snyk API token created with your Snyk account
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

- name: Snyk auth
shell: bash
run: snyk config set api=$SNYK_TOKEN
env:
# This is where you will need to introduce the Snyk API token created with your Snyk account
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

- name: Snyk Container test
uses: snyk/actions/docker@master
continue-on-error: true
shell: bash
run: snyk container test traefik:v2.11.0 --sarif --sarif-file-output=snyk-code.sarif
env:
# This is where you will need to introduce the Snyk API token created with your Snyk account
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
image: traefik:v2.11.0
args: --sarif-file-output=snyk-code.sarif

# Replace any "undefined" security severity values with 0. The undefined value is used in the case
# of license-related findings, which do not do not indicate a security vulnerability.
# See https://github.com/github/codeql-action/issues/2187 for more context.
- name: Post-process sarif output
run: |
sed -i 's/"security-severity": "undefined"/"security-severity": "0"/g' snyk-code.sarif
# Replace any "null" security severity values with 0. The undefined value is used in the case
# the NVD CVSS Score is not available.
# See https://github.com/Erikvl87/docker-languagetool/issues/90 and https://github.com/github/codeql-action/issues/2187 for more context.
- name: Post-process sarif output for security severities set to "null"
run: |
sed -i 's/"security-severity": "null"/"security-severity": "0"/g' snyk-code.sarif
# Push the Snyk Code results into GitHub Code Scanning tab
- name: Upload result to GitHub Code Scanning
Expand Down
25 changes: 13 additions & 12 deletions .github/workflows/pr-tests-stack-public.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,8 @@ jobs:
strategy:
max-parallel: 99
matrix:
os: [ubuntu-latest, macos-latest, windows]
# issues with macos 14 arm https://github.com/crazy-max/ghaction-setup-docker/pull/53
os: [ubuntu-latest, macos-13, windows-latest]
python-version: ["3.12"]
pytest-modules: ["frontend network"]
fail-fast: false
Expand All @@ -27,7 +28,7 @@ jobs:

steps:
- name: "clean .git/config"
if: matrix.os == 'windows'
if: matrix.os == 'windows-latest'
continue-on-error: true
shell: bash
run: |
Expand Down Expand Up @@ -78,31 +79,31 @@ jobs:
pip install --upgrade tox tox-uv==1.5.1
- name: Show choco installed packages
if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows'
if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows-latest'
uses: crazy-max/ghaction-chocolatey@v3
with:
args: list --localonly
args: list

- name: Install git
if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows'
if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows-latest'
uses: crazy-max/ghaction-chocolatey@v3
with:
args: install git.install --params "/GitAndUnixToolsOnPath /WindowsTerminal /NoAutoCrlf" -y

- name: Install cmake
if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows'
if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows-latest'
uses: crazy-max/ghaction-chocolatey@v3
with:
args: install cmake.portable --installargs 'ADD_CMAKE_TO_PATH=System' -y

- name: Check cmake version
if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows'
if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows-latest'
run: |
cmake --version
shell: cmd

- name: Install visualcpp-build-tools
if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows'
if: steps.changes.outputs.stack == 'true' && matrix.os == 'windows-latest'
uses: crazy-max/ghaction-chocolatey@v3
with:
args: install visualstudio2019-workload-vctools -y
Expand All @@ -117,11 +118,11 @@ jobs:
chmod +x ~/.docker/cli-plugins/docker-compose
- name: Docker on MacOS
if: steps.changes.outputs.stack == 'true' && matrix.os == 'macos-latest'
uses: crazy-max/ghaction-setup-docker@v3.1.0
if: steps.changes.outputs.stack == 'true' && matrix.os == 'macos-13'
uses: crazy-max/ghaction-setup-docker@v3.2.0

- name: Docker Compose on MacOS
if: steps.changes.outputs.stack == 'true' && matrix.os == 'macos-latest'
if: steps.changes.outputs.stack == 'true' && matrix.os == 'macos-13'
shell: bash
run: |
brew install docker-compose
Expand Down Expand Up @@ -162,7 +163,7 @@ jobs:
continue-on-error: true

- name: Reboot node
if: matrix.os == 'windows' && failure()
if: matrix.os == 'windows-latest' && failure()
run: |
shutdown /r /t 1
Expand Down
Loading

0 comments on commit 369a8f6

Please sign in to comment.