Skip to content

Commit

Permalink
schedule trivy check
Browse files Browse the repository at this point in the history
  • Loading branch information
aldousalvarez committed Dec 5, 2024
1 parent 8ee9c62 commit d840c3b
Showing 1 changed file with 13 additions and 14 deletions.
27 changes: 13 additions & 14 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ jobs:
plugin-htlc-coordinator-besu-changed: ${{ steps.changes.outputs.plugin-htlc-coordinator-besu-changed }}
test-tooling-changed: ${{ steps.changes.outputs.test-tooling-changed }}
ghcr-dev-container-vscode-changed: ${{ steps.changes.outputs.ghcr-dev-container-vscode-changed }}
copm-changed: ${{ steps.changes.outputs.copm-changed }}
plugin-copm-fabric-changed: ${{ steps.changes.outputs.plugin-copm-fabric-changed }}
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4.1.7
Expand Down Expand Up @@ -175,15 +175,9 @@ jobs:
- './packages/cactus-plugin-keychain-memory/**'
# - './.github/workflows/ci.yaml'
copm-changed:
- './packages/cactus-common/**'
- './packages/cactus-core/**'
- './packages/cactus-core-api/**'
plugin-copm-fabric-changed:
- './packages/cacti-copm-common/**'
- './packages/cacti-copm-test/**'
- './packages/cacti-plugin-copm-fabric/**'
- './packages/cacti-plugin-copm-corda/**'
- './weaver/**'
build-dev:
needs: check-ci-skip
Expand Down Expand Up @@ -499,7 +493,7 @@ jobs:
--tag cmd-api-server \
--tag "ghcr.io/hyperledger/cactus-cmd-api-server:$(date +"%Y-%m-%dT%H-%M-%S" --utc)-dev-$(git rev-parse --short HEAD)"
- if: ${{ env.RUN_TRIVY_SCAN == 'true' }}
- if: ${{ env.RUN_TRIVY_SCAN == 'true' && github.event.name == "schedule" }}
name: Run Trivy vulnerability scan for cmd-api-server
uses: aquasecurity/trivy-action@0.19.0
with:
Expand Down Expand Up @@ -1423,7 +1417,7 @@ jobs:
working-directory: packages/cactus-plugin-ledger-connector-corda/src/main-server/kotlin/gen/kotlin-spring/
run: ./gradlew clean build -Pversion=dev -DrootProjectName=cacti-connector-corda-server

- if: ${{ env.RUN_TRIVY_SCAN == 'true' }}
- if: ${{ env.RUN_TRIVY_SCAN == 'true' && github.event.name == "schedule" }}
name: Run Trivy vulnerability scan for cactus-connector-corda-server
uses: aquasecurity/trivy-action@0.19.0
with:
Expand Down Expand Up @@ -1477,7 +1471,7 @@ jobs:
needs:
- build-dev
- compute_changed_packages
if: needs.compute_changed_packages.outputs.copm-changed == 'true'
if: needs.compute_changed_packages.outputs.plugin-copm-fabric-changed == 'true'
uses: ./.github/workflows/test_copm.yaml


Expand Down Expand Up @@ -2048,7 +2042,9 @@ jobs:
JEST_TEST_RUNNER_DISABLED: false
JEST_TEST_COVERAGE_PATH: ./code-coverage-ts/ctp-ledger-connector-besu
JEST_TEST_CODE_COVERAGE_ENABLED: true
TAPE_TEST_RUNNER_DISABLED: true
TAPE_TEST_PATTERN: >-
--files={./packages/cactus-test-plugin-ledger-connector-besu/src/test/typescript/integration/plugin-validator-besu/get-block-endpoint.test.ts,./packages/cactus-test-plugin-ledger-connector-besu/src/test/typescript/integration/plugin-validator-besu/get-transaction-endpoint.test.ts,./packages/cactus-test-plugin-ledger-connector-besu/src/test/typescript/integration/plugin-validator-besu/v21-get-block-endpoint.test.ts}
TAPE_TEST_RUNNER_DISABLED: false
runs-on: ubuntu-22.04
steps:
- name: Use Node.js ${{ env.NODEJS_VERSION }}
Expand Down Expand Up @@ -2283,7 +2279,7 @@ jobs:
- uses: actions/checkout@v4.1.7
- name: ghcr.io/hyperledger/cactus-keychain-vault-server
run: DOCKER_BUILDKIT=1 docker build ./packages/cactus-plugin-keychain-vault/src/cactus-keychain-vault-server/ -f ./packages/cactus-plugin-keychain-vault/src/cactus-keychain-vault-server/Dockerfile -t cactus-keychain-vault-server
- if: ${{ env.RUN_TRIVY_SCAN == 'true' }}
- if: ${{ env.RUN_TRIVY_SCAN == 'true' && github.event.name == "schedule" }}
name: Run Trivy vulnerability scan for cactus-keychain-vault-server
uses: aquasecurity/trivy-action@0.19.0
with:
Expand All @@ -2304,4 +2300,7 @@ name: Cactus_CI
push:
branches:
- main
- dev
- dev
schedule:
# Run at 8:00 AM UTC on weekends (Monday and Thursday)
- cron: '0 8 * * 1,4'

0 comments on commit d840c3b

Please sign in to comment.