From d840c3b917ae3e6e541a89d39cd90f420da118fb Mon Sep 17 00:00:00 2001 From: aldousalvarez Date: Thu, 5 Dec 2024 10:05:15 +0800 Subject: [PATCH] schedule trivy check --- .github/workflows/ci.yaml | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 7286c02e31..2f40814fc4 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -64,7 +64,7 @@ jobs: plugin-htlc-coordinator-besu-changed: ${{ steps.changes.outputs.plugin-htlc-coordinator-besu-changed }} test-tooling-changed: ${{ steps.changes.outputs.test-tooling-changed }} ghcr-dev-container-vscode-changed: ${{ steps.changes.outputs.ghcr-dev-container-vscode-changed }} - copm-changed: ${{ steps.changes.outputs.copm-changed }} + plugin-copm-fabric-changed: ${{ steps.changes.outputs.plugin-copm-fabric-changed }} runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4.1.7 @@ -175,15 +175,9 @@ jobs: - './packages/cactus-plugin-keychain-memory/**' # - './.github/workflows/ci.yaml' - copm-changed: - - './packages/cactus-common/**' - - './packages/cactus-core/**' - - './packages/cactus-core-api/**' + plugin-copm-fabric-changed: - './packages/cacti-copm-common/**' - - './packages/cacti-copm-test/**' - './packages/cacti-plugin-copm-fabric/**' - - './packages/cacti-plugin-copm-corda/**' - - './weaver/**' build-dev: needs: check-ci-skip @@ -499,7 +493,7 @@ jobs: --tag cmd-api-server \ --tag "ghcr.io/hyperledger/cactus-cmd-api-server:$(date +"%Y-%m-%dT%H-%M-%S" --utc)-dev-$(git rev-parse --short HEAD)" - - if: ${{ env.RUN_TRIVY_SCAN == 'true' }} + - if: ${{ env.RUN_TRIVY_SCAN == 'true' && github.event.name == "schedule" }} name: Run Trivy vulnerability scan for cmd-api-server uses: aquasecurity/trivy-action@0.19.0 with: 
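Review bot: The path filter behind `plugin-copm-fabric-changed` (hunk at -175) is much narrower than the `copm-changed` filter it replaces. The header counts (15 old lines, 9 new) mean six of the eight path entries are dropped, presumably leaving only `cacti-copm-common` and `cacti-plugin-copm-fabric`; the collapsed layout does not show the markers on the list items, so this is inferred. The job in the hunk at -1477 still calls `./.github/workflows/test_copm.yaml`, so edits under the dropped paths would no longer start that workflow. If that is intended, a comment above the key would record it, e.g. `# copm tests run only for copm-common and copm-fabric changes`. The change is unrelated to the commit subject and would be easier to review as its own commit.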
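Review bot: The new condition on the Trivy step for cmd-api-server (hunk at -499) cannot select a scheduled run as written. The triggering event is exposed as `github.event_name`, whereas `github.event.name` reads a `name` field from the webhook payload, and string literals inside `${{ }}` must be single-quoted, so `"schedule"` is not accepted by the expression parser. The line should read `- if: ${{ env.RUN_TRIVY_SCAN == 'true' && github.event_name == 'schedule' }}`. The same line is added in the hunks at -1423 (cactus-connector-corda-server) and -2283 (cactus-keychain-vault-server) and needs the same correction. Whether the enclosing jobs run at all on a `schedule` event is not visible here; if they depend on the changed-path outputs, the image scans may be skipped on every trigger without any failure being reported, which is worth confirming with a manual scheduled run.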
@@ -1423,7 +1417,7 @@ jobs: working-directory: packages/cactus-plugin-ledger-connector-corda/src/main-server/kotlin/gen/kotlin-spring/ run: ./gradlew clean build -Pversion=dev -DrootProjectName=cacti-connector-corda-server - - if: ${{ env.RUN_TRIVY_SCAN == 'true' }} + - if: ${{ env.RUN_TRIVY_SCAN == 'true' && github.event.name == "schedule" }} name: Run Trivy vulnerability scan for cactus-connector-corda-server uses: aquasecurity/trivy-action@0.19.0 with: @@ -1477,7 +1471,7 @@ jobs: needs: - build-dev - compute_changed_packages - if: needs.compute_changed_packages.outputs.copm-changed == 'true' + if: needs.compute_changed_packages.outputs.plugin-copm-fabric-changed == 'true' uses: ./.github/workflows/test_copm.yaml @@ -2048,7 +2042,9 @@ jobs: JEST_TEST_RUNNER_DISABLED: false JEST_TEST_COVERAGE_PATH: ./code-coverage-ts/ctp-ledger-connector-besu JEST_TEST_CODE_COVERAGE_ENABLED: true - TAPE_TEST_RUNNER_DISABLED: true + TAPE_TEST_PATTERN: >- + --files={./packages/cactus-test-plugin-ledger-connector-besu/src/test/typescript/integration/plugin-validator-besu/get-block-endpoint.test.ts,./packages/cactus-test-plugin-ledger-connector-besu/src/test/typescript/integration/plugin-validator-besu/get-transaction-endpoint.test.ts,./packages/cactus-test-plugin-ledger-connector-besu/src/test/typescript/integration/plugin-validator-besu/v21-get-block-endpoint.test.ts} + TAPE_TEST_RUNNER_DISABLED: false runs-on: ubuntu-22.04 steps: - name: Use Node.js ${{ env.NODEJS_VERSION }} 
@@ -2283,7 +2279,7 @@ jobs:
 - uses: actions/checkout@v4.1.7
 - name: ghcr.io/hyperledger/cactus-keychain-vault-server
 run: DOCKER_BUILDKIT=1 docker build ./packages/cactus-plugin-keychain-vault/src/cactus-keychain-vault-server/ -f ./packages/cactus-plugin-keychain-vault/src/cactus-keychain-vault-server/Dockerfile -t cactus-keychain-vault-server
- if: ${{ env.RUN_TRIVY_SCAN == 'true' }}
+ - if: ${{ env.RUN_TRIVY_SCAN == 'true' && github.event.name == "schedule" }}
 name: Run Trivy vulnerability scan for cactus-keychain-vault-server
 uses: aquasecurity/trivy-action@0.19.0
 with:
@@ -2304,4 +2300,7 @@ name: Cactus_CI
 push:
 branches:
 - main
- - dev
\ No newline at end of file
+ - dev
+ schedule:
+ # Run at 8:00 AM UTC on weekends (Monday and Thursday)
+ - cron: '0 8 * * 1,4'
\ No newline at end of file
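Review bot: The comment above the new cron entry (hunk at -2304) contradicts the expression: `0 8 * * 1,4` fires on Monday and Thursday, which are weekdays, so "weekends" should be dropped, e.g. `# Run at 08:00 UTC every Monday and Thursday`. The comment could also say that this trigger exists for the Trivy image scans, since the three scan steps are the only consumers of the schedule event visible in this patch. Scheduled runs use the workflow file from the default branch only, so images built from the other branch listed under `push` are not covered by this trigger. The file still ends without a trailing newline after the cron line.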