Skip to content

[Snyk] Security upgrade python from 3.10-slim-bookworm to 3.14.0a3-slim-bookworm #1914

[Snyk] Security upgrade python from 3.10-slim-bookworm to 3.14.0a3-slim-bookworm

[Snyk] Security upgrade python from 3.10-slim-bookworm to 3.14.0a3-slim-bookworm #1914

Workflow file for this run

# This workflow will install Python dependencies, run tests and lint with a variety of Python versions
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
name: Tests
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
build:
services:
redis:
image: redis
ports:
- 6379:6379
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
runs-on: ubuntu-latest
timeout-minutes: 60
strategy:
matrix:
python-version: ["3.9", "3.10", "3.11", "3.12"]
steps:
- uses: actions/checkout@v2
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install flake8
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
if [ -f ./tests/requirements.txt ]; then pip install -r ./tests/requirements.txt; fi
- name: Lint with flake8
run: |
# stop the build if there are Python syntax errors or undefined names
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
- name: Test with pytest
run: |
pytest
test-docker:
runs-on: ubuntu-latest
timeout-minutes: 60
steps:
# BUILD PHASE
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Docker Compose install
run: |
curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
- name: Build client
id: build_client
uses: docker/build-push-action@v2
with:
file: docker/Dockerfile
push: false
target: client
cache-from: type=registry,ref=permitio/opal-client:latest
cache-to: type=inline
load: true
tags: |
permitio/opal-client:test
- name: Build server
id: build_server
uses: docker/build-push-action@v2
with:
file: docker/Dockerfile
push: false
target: server
cache-from: type=registry,ref=permitio/opal-server:latest
cache-to: type=inline
load: true
tags: |
permitio/opal-server:test
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: "3.10"
- name: Install opal packages
run: |
python -m pip install -e ./packages/opal-common
python -m pip install -e ./packages/opal-client
python -m pip install -e ./packages/opal-server
- name: App Tests
working-directory: ./app-tests
env:
OPAL_IMAGE_TAG: test
OPAL_TESTS_POLICY_REPO_DEPLOY_KEY: ${{ secrets.OPAL_TESTS_POLICY_REPO_DEPLOY_KEY }}
run: |
# Prepare git for using tests policy repo
export OPAL_POLICY_REPO_SSH_KEY_PATH=$(realpath .)/opal-tests-policy-repo-key
echo "$OPAL_TESTS_POLICY_REPO_DEPLOY_KEY" > $OPAL_POLICY_REPO_SSH_KEY_PATH
chmod 400 $OPAL_POLICY_REPO_SSH_KEY_PATH
git config --global core.sshCommand "ssh -i $OPAL_POLICY_REPO_SSH_KEY_PATH -o IdentitiesOnly=yes"
git config --global user.name "$GITHUB_ACTOR"
git config --global user.email "<>"
./run.sh