Skip to content

Fix vulnerability CWE-1333 #1709

Fix vulnerability CWE-1333

Fix vulnerability CWE-1333 #1709

Workflow file for this run

name: rpaframework
on:
push:
branches:
- master
paths:
- "packages/main/**"
- ".github/workflows/main.yaml"
pull_request:
branches:
- master
paths:
- "packages/main/**"
- ".github/workflows/main.yaml"
defaults:
run:
working-directory: "./packages/main"
jobs:
test:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
name:
[
"windows-py38",
"windows-py39",
"windows-py310",
"ubuntu-py38",
"ubuntu-py39",
"ubuntu-py310",
"macos-py38",
"macos-py39",
"macos-py310",
]
include:
- name: "windows-py38"
python: "3.8"
os: windows-latest
- name: "windows-py39"
python: "3.9"
os: windows-latest
- name: "windows-py310"
python: "3.10"
os: windows-latest
- name: "ubuntu-py38"
python: "3.8"
os: ubuntu-latest
- name: "ubuntu-py39"
python: "3.9"
os: ubuntu-latest
- name: "ubuntu-py310"
python: "3.10"
os: ubuntu-latest
- name: "macos-py38"
python: "3.8"
os: macos-13
- name: "macos-py39"
python: "3.9"
os: macos-13
- name: "macos-py310"
python: "3.10"
os: macos-13
env:
SETUPTOOLS_USE_DISTUTILS: stdlib
INVOKE_IS_CI_CD: 1
HUBSPOT_TOKEN: ${{ secrets.HUBSPOT_TOKEN }}
SYSTEM_VERSION_COMPAT: "0"
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python }}
- name: Install xclip on linux
if: matrix.os == 'ubuntu-latest'
run: |
DEBIAN_FRONTEND=noninteractive sudo apt-get update -y
DEBIAN_FRONTEND=noninteractive sudo apt-get install xclip -y
- name: Upgrade pip
run: python -m pip install --upgrade pip
- name: Install invocation prerequisites
run: pip install -Ur ../../invocations/requirements.txt
- name: Get python version
id: full-python-version
shell: bash
run: |
echo ::set-output name=version::$(python -c "import sys; print('-'.join(str(v) for v in sys.version_info[:3]))")
- name: Set up cache
uses: actions/cache@v4
with:
path: .venv
key: venv-${{ runner.os }}-${{ steps.full-python-version.outputs.version }}-${{ hashFiles('poetry.lock') }}
- name: Install invocation package
run: invoke install-invocations || invoke self.install-invocations
- name: Install dependencies
run: invoke install
- name: Lint
run: invoke code.lint -e
- name: Test (non-linux)
if: matrix.os != 'ubuntu-latest'
run: invoke code.test -a
- name: Test (linux)
if: matrix.os == 'ubuntu-latest'
run: |
export XDG_SESSION_TYPE=x11
xvfb-run --server-args="-screen 0 1280x720x24" invoke code.test
- uses: actions/upload-artifact@v4
if: success() || failure()
with:
name: ${{ matrix.os }}-py${{ matrix.python }}-test-reports
path: packages/main/tests/results
# publish:
# # Only publish on master workflow runs
# if: github.ref == 'refs/heads/master'
# needs: test
# runs-on: ubuntu-latest
# env:
# INVOKE_IS_CI_CD: 1
# steps:
# - uses: actions/checkout@v2
# - name: Set up Python
# uses: actions/setup-python@v1
# with:
# python-version: '3.9'
# - name: Upgrade pip
# run: python -m pip install --upgrade pip
# - name: Install invocation prerequisites
# run: pip install -Ur ../../invocations/requirements.txt
# - name: Install invocation package
# run: invoke install-invocations || invoke self.install-invocations
# - name: Install dependencies
# run: invoke install
# - name: Build and publish package
# if: success()
# run: |
# invoke install.setup-poetry --devpi-url ${{ secrets.devpiUrl }} --username ci --password ${{ secrets.devpiPassword }}
# invoke build.publish --ci --version=prerelease --yes-to-all