Skip to content

Bump werkzeug from 2.3.7 to 2.3.8 (#135) #532

Bump werkzeug from 2.3.7 to 2.3.8 (#135)

Bump werkzeug from 2.3.7 to 2.3.8 (#135) #532

Workflow file for this run

---
name: Gating
"on":
pull_request:
push:
workflow_dispatch:
inputs: {}
jobs:
tests:
name: Unit tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.11"
- name: Install system dependencies
uses: nick-invision/retry@v2
with:
timeout_minutes: 10
retry_wait_seconds: 30
max_attempts: 3
command: >-
sudo apt-get update
&& sudo apt-get install
libkrb5-dev
libldap2-dev
libsasl2-dev
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install poetry tox tox-gh-actions
- name: Test with tox
run: tox -e py
- name: Run coveralls-python
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COVERALLS_FLAG_NAME: python-${{ matrix.python-version }}
COVERALLS_PARALLEL: true
run: |
pip3 install --upgrade pip
pip3 install --upgrade setuptools
pip3 install --upgrade coveralls==3.2.0
coveralls --service=github
- name: Set up Python for documentation build
uses: actions/setup-python@v4
with:
python-version: "3.8"
- name: Test building documentation with tox
run: tox -e docs
coveralls-finish:
name: Finish coveralls-python
needs: tests
runs-on: ubuntu-latest
steps:
- name: Finished
run: |
pip3 install --upgrade pip
pip3 install --upgrade setuptools
pip3 install --upgrade coveralls
coveralls --finish --service=github
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
linters:
name: Linters
strategy:
matrix:
tox_env:
- bandit
- lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.11"
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install tox
- name: Test '${{ matrix.tox_env }}' with tox
run: tox -e ${{ matrix.tox_env }}
hadolint:
name: Hadolint
runs-on: ubuntu-latest
strategy:
matrix:
dockerfile:
- Dockerfile
steps:
- uses: actions/checkout@v4
- uses: hadolint/[email protected]
with:
dockerfile: ${{ matrix.dockerfile }}
# Ignore list:
# * DL3041 - Specify version with dnf install -y <package>-<version>
ignore: DL3041
failure-threshold: warning
image-build:
name: Container Image Build
needs: hadolint
runs-on: ubuntu-latest
env:
IMAGE_NAME: waiverdb
REGISTRY: quay.io/factory2
GH_REGISTRY: ghcr.io/${{ github.actor }}
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.11"
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install poetry tox tox-gh-actions podman-compose
- name: Update the Application Version
run: poetry version "$(./get-version.sh)"
- name: Get image tag from git branch
id: get-image-tag
run: |
export TAG=$(sed 's/[^0-9a-zA-Z_.-]/__/g' <<< "$GITHUB_REF_NAME") &&
echo "::set-output name=tag::$TAG"
- name: Build Image
id: build-image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.IMAGE_NAME }}
tags: >-
${{ steps.get-image-tag.outputs.tag }}
${{ github.ref == 'refs/heads/master' && 'latest' || '' }}
${{ github.sha }}
containerfiles: Dockerfile
build-args: |
GITHUB_SHA=${{ github.sha }}
- name: Log in to the image registry
if: github.event_name == 'push' && github.actor != 'dependabot[bot]'
uses: redhat-actions/podman-login@v1
with:
registry: ${{ secrets.REGISTRY_USER && env.REGISTRY || env.GH_REGISTRY }}
username: ${{ secrets.REGISTRY_USER || github.actor }}
password: ${{ secrets.REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}
- name: Push Image
if: github.event_name == 'push' && github.actor != 'dependabot[bot]'
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: ${{ secrets.REGISTRY_USER && env.REGISTRY || env.GH_REGISTRY }}