Skip to content

Add admin permission checks #35

Add admin permission checks

Add admin permission checks #35

Workflow file for this run

name: osf.io
on: [push, pull_request]
permissions:
contents: read
env:
WHEELHOUSE: ~/.cache/wheelhouse
ELASTICSEARCH_ARCHIVE: elasticsearch-2.4.5.tar.gz
ELASTICSEARCH6_ARCHIVE: elasticsearch-6.3.1.tar.gz
OSF_DB_PORT: 5432
OSF_DB_PASSWORD: postgres
jobs:
build-cache:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- id: cache-objects
uses: actions/cache@v2
with:
path: ~/.cache
key: reqs_${{ hashFiles('**/pyproject.toml') }}
restore-keys: reqs
- run: |
mkdir -p ~/.cache/downloads
mkdir -p ~/.cache/pip
mkdir -p ~/.cache/wheelhouse
mkdir -p ~/.cache/testmon
rm -rf node_modules ## TODO remove this later
addons:
runs-on: ubuntu-20.04
needs: build-cache
permissions:
checks: write
services:
postgres:
image: postgres
env:
POSTGRES_PASSWORD: ${{ env.OSF_DB_PASSWORD }}
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
# Maps tcp port 5432 on service container to the host
- 5432:5432
steps:
- uses: actions/checkout@v2
- uses: ./.github/actions/start-build
- name: Run tests
run: poetry run python3 -m invoke test-ci-addons -n 1 --junit
- name: Upload report
if: (github.event_name != 'pull_request') && (success() || failure()) # run this step even if previous step failed
uses: ./.github/actions/gen-report
website:
runs-on: ubuntu-20.04
needs: build-cache
permissions:
checks: write
services:
postgres:
image: postgres
env:
POSTGRES_PASSWORD: ${{ env.OSF_DB_PASSWORD }}
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
# Maps tcp port 5432 on service container to the host
- 5432:5432
steps:
- uses: actions/checkout@v2
- uses: ./.github/actions/start-build
- name: Run tests
run: poetry run python3 -m invoke test-ci-website -n 1 --junit
- name: Upload report
if: (github.event_name != 'pull_request') && (success() || failure()) # run this step even if previous step failed
uses: ./.github/actions/gen-report
api1_and_js:
runs-on: ubuntu-20.04
needs: build-cache
permissions:
checks: write
services:
postgres:
image: postgres
env:
POSTGRES_PASSWORD: ${{ env.OSF_DB_PASSWORD }}
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
# Maps tcp port 5432 on service container to the host
- 5432:5432
steps:
- uses: actions/checkout@v2
- uses: ./.github/actions/start-build
- name: NVM & yarn install
run: poetry run python3 -m invoke assets --dev
- name: Run test
run: poetry run python3 -m invoke test-ci-api1-and-js -n 1 --junit
- name: Upload report
if: (github.event_name != 'pull_request') && (success() || failure()) # run this step even if previous step failed
uses: ./.github/actions/gen-report
api2:
runs-on: ubuntu-20.04
needs: build-cache
permissions:
checks: write
services:
postgres:
image: postgres
env:
POSTGRES_PASSWORD: ${{ env.OSF_DB_PASSWORD }}
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
# Maps tcp port 5432 on service container to the host
- 5432:5432
steps:
- uses: actions/checkout@v2
- uses: ./.github/actions/start-build
- name: Run tests
run: poetry run python3 -m invoke test-ci-api2 -n 1 --junit
- name: Upload report
if: (github.event_name != 'pull_request') && (success() || failure()) # run this step even if previous step failed
uses: ./.github/actions/gen-report
api3_and_osf:
runs-on: ubuntu-20.04
permissions:
checks: write
needs: build-cache
services:
postgres:
image: postgres
env:
POSTGRES_PASSWORD: ${{ env.OSF_DB_PASSWORD }}
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
# Maps tcp port 5432 on service container to the host
- 5432:5432
steps:
- uses: actions/checkout@v2
- uses: ./.github/actions/start-build
- name: Run tests
run: poetry run python3 -m invoke test-ci-api3-and-osf -n 1 --junit
- name: Upload report
if: (github.event_name != 'pull_request') && (success() || failure()) # run this step even if previous step failed
uses: ./.github/actions/gen-report