[cve] Bump cryptography package to 42.0.8 (#3712) #680
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Python 3 CI | |
on: | |
push: | |
branches: | |
- master | |
pull_request: | |
branches: | |
- master | |
jobs: | |
build: | |
runs-on: ${{ matrix.python-version == '3.10' && 'ubuntu-22.04' || 'ubuntu-20.04' }} | |
strategy: | |
matrix: | |
python-version: ['3.8', '3.9', '3.10'] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: run commit title format check | |
run: | | |
./tools/ci/check_for_commit_message.sh | |
- name: Set up Python ${{ matrix.python-version }} | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Cache pip | |
uses: actions/cache@v4 | |
with: | |
# This path is specific to Ubuntu | |
path: ~/.cache/pip | |
key: ${{ runner.os }}-pip-${{ hashFiles('desktop/core/requirements.txt') }} | |
restore-keys: | | |
${{ runner.os }}-pip- | |
${{ runner.os }}- | |
- name: compile | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y gcc g++ build-essential python${{ matrix.python-version }}-dev python${{ matrix.python-version }}-venv python${{ matrix.python-version }}-distutils asciidoc rsync curl sudo libkrb5-dev libldap2-dev libsasl2-dev libxml2-dev libxslt-dev libsasl2-modules-gssapi-mit libsnappy-dev libffi-dev # This should not be needed as some point | |
sudo curl -sL https://deb.nodesource.com/setup_20.x | sudo bash - && sudo apt-get install -y nodejs | |
sudo curl -sL https://bootstrap.pypa.io/get-pip.py | sudo python${{ matrix.python-version }} | |
sudo apt-get install -y python3-setuptools | |
sudo apt-get install -y libncursesw5-dev libgdbm-dev libc6-dev libssl-dev openssl | |
export PYTHON_VER=python${{ matrix.python-version }} | |
export ROOT=$PWD | |
make apps | |
- name: run tests | |
run: | | |
PYTHONWARNINGS=always ./build/env/bin/pytest | |
- name: run python lints | |
run: | | |
PYTHONWARNINGS=always ./build/env/bin/hue runruff check | |
- name: run documentation lints | |
run: | | |
# Installs to move to image building | |
curl -O https://dl.google.com/go/go1.17.linux-amd64.tar.gz | |
tar -xvf go1.17.linux-amd64.tar.gz | |
export GO111MODULE=on | |
go/bin/go get -u github.com/raviqqe/muffet@v1.5.7 | |
curl --output hugo_0.69.0_Linux.tar.gz -L https://github.com/gohugoio/hugo/releases/download/v0.69.0/hugo_0.69.0_Linux-64bit.tar.gz | |
tar -xvf hugo_0.69.0_Linux.tar.gz | |
export PATH=$PWD:$HOME/go/bin:$PATH | |
# Trigger linting if documentation changes | |
./tools/ci/check_for_website_dead_links.sh docs/docs-site | |
# ./tools/ci/check_for_website_dead_links.sh docs/gethue | |