[Snyk] Security upgrade alpine from 3.17 to 3.21.0 #729
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Builds | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
type: | |
- opened | |
- synchronize | |
workflow_dispatch: ~ | |
jobs: | |
build-test: | |
runs-on: ubuntu-20.04 | |
container: golang:alpine | |
services: | |
redis: | |
image: redis:6.2.5-alpine3.14 | |
ports: | |
- 6379/tcp | |
options: >- | |
--entrypoint redis-server | |
jaeger: | |
image: jaegertracing/all-in-one:1.32.0 | |
node: | |
image: fabiocicerchia/go-proxy-cache-test:node | |
#image: fabiocicerchia/npm-start:latest | |
ports: | |
- "9001:9001" # ws | |
- "9002:9002" # wss | |
#options: >- | |
# -w /home/node/app | |
# -v ${{ github.workspace }}/test/full-setup:/home/node/app | |
collector: | |
image: otel/opentelemetry-collector:0.35.0 | |
options: >- | |
-v ${{ github.workspace }}/collector:/etc/otel | |
# TODO: NEED TO FIND A WAY TO MAKE IT WORKING WITH VOLUMES | |
nginx: | |
image: fabiocicerchia/go-proxy-cache-test:nginx | |
ports: | |
- "40080:40080" # http | |
- "40081:40081" # ws | |
- "40082:40082" # wss | |
- "40443:40443" # https | |
options: >- | |
--link node | |
--link jaeger | |
--health-cmd "echo OK" | |
# -v ${{ github.workspace }}/test/full-setup/nginx:/etc/nginx/conf.d | |
# -v ${{ github.workspace }}/test/full-setup/certs:/certs | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Service Logs - jaeger | |
uses: docker://docker | |
with: | |
args: docker logs "${{ job.services.jaeger.id }}" | |
# Ref: https://github.saobby.my.eu.orgmunity/t/services-and-volumes/16313 | |
- name: Restart node | |
uses: docker://docker | |
with: | |
args: docker restart "${{ job.services.nginx.id }}" | |
- name: Service Logs - node | |
uses: docker://docker | |
with: | |
args: docker logs "${{ job.services.node.id }}" | |
# Ref: https://github.saobby.my.eu.orgmunity/t/services-and-volumes/16313 | |
- name: Restart collector | |
uses: docker://docker | |
with: | |
args: docker restart "${{ job.services.collector.id }}" | |
- name: Service Logs - collector | |
uses: docker://docker | |
with: | |
args: docker logs "${{ job.services.collector.id }}" | |
# Ref: https://github.saobby.my.eu.orgmunity/t/services-and-volumes/16313 | |
- name: Restart nginx | |
uses: docker://docker | |
with: | |
args: docker restart "${{ job.services.nginx.id }}" | |
- name: Service Logs - nginx | |
uses: docker://docker | |
with: | |
args: docker logs "${{ job.services.nginx.id }}" | |
- name: Install Dependencies | |
run: | | |
apk update | |
apk add bash curl gcc git libc-dev make nghttp2 nodejs npm redis openssh musl-dev net-snmp-dev openssl python3 | |
wget https://raw.githubusercontent.com/garabik/grc/refs/heads/master/grc | |
chmod +x grc | |
mv grc /usr/local/bin | |
- name: Build (race) | |
run: make build-race | |
- name: Build (multi-arch) | |
run: make build-multiarch | |
- name: Test | |
run: | | |
echo "127.0.0.1 testing.local www.testing.local" | tee -a /etc/hosts | |
echo "127.0.0.1 sentry syslog" | tee -a /etc/hosts | |
cd test/full-setup/certs | |
./gen-selfsigned-cert.sh | |
./gen-selfsigned-cert.sh www.w3.org | |
cd ../../.. | |
./go-proxy-cache -debug -config=test/full-setup/config.yml & | |
make test | |
env: | |
REDIS_HOSTS: redis:6379 | |
NGINX_HOST_80: nginx:40080 | |
NGINX_HOST_443: nginx:40443 | |
NGINX_HOST_WS: nginx:40081 | |
NGINX_HOST_WSS: nginx:40082 | |
- name: Coverage | |
run: | | |
echo "127.0.0.1 testing.local www.testing.local" | tee -a /etc/hosts | |
make cover | |
make codecov | |
env: | |
REDIS_HOSTS: redis:6379 | |
NGINX_HOST_80: nginx:40080 | |
NGINX_HOST_443: nginx:40443 | |
NGINX_HOST_WS: nginx:40081 | |
NGINX_HOST_WSS: nginx:40082 | |
- name: CodeCov | |
run: make codecov | |
- name: CodeClimate | |
continue-on-error: true | |
run: make codeclimate | |
sca: | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v2 | |
- name: SCA | |
continue-on-error: true | |
run: make sca |