Skip to content

fix: upgrade vulnerable dependency gomarkdown #2064

fix: upgrade vulnerable dependency gomarkdown

fix: upgrade vulnerable dependency gomarkdown #2064

Workflow file for this run

# Copyright 2022 Snyk Ltd.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Build
on:
pull_request:
jobs:
unit-tests:
name: unit tests
runs-on: ubuntu-latest
steps:
- name: Prepare git
run: git config --global core.autocrlf false
- uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version-file: './go.mod'
- name: Set up Snyk CLI
uses: snyk/actions/setup@master
- name: Cache Pact CLI tools
id: cache-pact
uses: actions/cache@v3
with:
path: ~/pact
key: ${{ runner.os }}-pact
- name: Set up Pact CLI tools
shell: bash
if: steps.cache-pact.outputs.cache-hit != 'true'
run: |
cd ~
curl -fsSL https://raw.githubusercontent.com/pact-foundation/pact-ruby-standalone/master/install.sh | bash
- name: Cache Go modules
uses: actions/cache@v3
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: ${{ runner.os }}-go-
- name: Lint source code
run: |
make tools lint
- name: Verify analytics
env:
AMPLITUDE_KEY: ${{ secrets.AMPLITUDE_KEY }}
run: |
make verify-analytics
- name: Run tests
env:
DEEPROXY_API_URL: ${{secrets.DEEPROXY_API_URL}}
SNYK_TOKEN: ${{secrets.SNYK_TOKEN }}
run: |
export PATH=$PATH:~/pact/bin
# this is required to be able to test the clipboard
export DISPLAY=:99
sudo Xvfb -ac :99 -screen 0 1280x1024x24 > /dev/null 2>&1 &
sudo apt-get install -y xsel xclip wl-clipboard
make clean test
- name: Snyk
env:
SNYK_TOKEN: ${{secrets.SNYK_TOKEN }}
run: |
snyk monitor
snyk code test --severity-threshold=high
integration-tests:
name: integration-tests
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ ubuntu-latest, macos-latest, windows-latest ]
steps:
- name: Prepare git
run: git config --global core.autocrlf false
- uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version-file: './go.mod'
- name: Cache Pact CLI tools
if: matrix.os != 'windows-latest'
id: cache-pact
uses: actions/cache@v3
with:
path: ~/pact
key: ${{ runner.os }}-pact
- name: Set up Pact CLI tools
shell: bash
if: steps.cache-pact.outputs.cache-hit != 'true' && matrix.os != 'windows-latest'
run: |
cd ~
curl -fsSL https://raw.githubusercontent.com/pact-foundation/pact-ruby-standalone/master/install.sh | bash
- name: Run integration tests with Pact
if: matrix.os == 'ubuntu-latest'
env:
DEEPROXY_API_URL: ${{secrets.DEEPROXY_API_URL}}
SNYK_TOKEN: ${{secrets.SNYK_TOKEN }}
INTEG_TESTS: 'true'
run: |
export PATH=$PATH:~/pact/bin
# this is required to be able to test the clipboard
export DISPLAY=:99
sudo Xvfb -ac :99 -screen 0 1280x1024x24 > /dev/null 2>&1 &
sudo apt-get install -y xsel xclip wl-clipboard
make clean test
- name: Run integration tests with Pact
if: matrix.os == 'macos-latest'
env:
DEEPROXY_API_URL: ${{secrets.DEEPROXY_API_URL}}
SNYK_TOKEN: ${{secrets.SNYK_TOKEN }}
INTEG_TESTS: 'true'
run: |
export PATH=$PATH:~/pact/bin
# this is required to be able to test the clipboard
export DISPLAY=:99
sudo Xvfb -ac :99 -screen 0 1280x1024x24 > /dev/null 2>&1 &
make clean test
- name: Run integration tests without Pact
if: matrix.os == 'windows-latest'
env:
DEEPROXY_API_URL: ${{secrets.DEEPROXY_API_URL}}
SNYK_TOKEN: ${{secrets.SNYK_TOKEN }}
INTEG_TESTS: 'true'
run: |
make clean test
proxy-test:
name: proxy-test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run proxy tests
env:
SNYK_TOKEN: ${{secrets.SNYK_TOKEN }}
run: |
make clean proxy-test
update-licenses:
name: update licenses
needs: [ unit-tests ]
runs-on: ubuntu-latest
steps:
- name: Prepare git
run: git config --global core.autocrlf false
- uses: actions/checkout@v3
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
ref: ${{ github.event.pull_request.head.ref }}
token: ${{ secrets.HAMMERHEAD_GITHUB_PAT_SNYKLS }}
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version-file: './go.mod'
- name: update licenses
run: |
make tools license-update
- name: commit license changes
uses: EndBug/add-and-commit@v9
with:
default_author: github_actor
committer_name: Github Actions
committer_email: noreply@snyk.io
message: 'docs: updated licenses'
add: 'licenses'
push: true
test-release:
name: test-release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # does an unshallow checkout with tags & branches
- name: Determine Go version
run: |
sed -En 's/^go[[:space:]]+([[:digit:].]+)$/GO_VERSION=\1/p' go.mod >> $GITHUB_ENV
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Create License Report
id: create_license_report
run: |
go install github.com/google/go-licenses@latest
LICENSES=$(go-licenses report . --ignore github.com/snyk/snyk-ls)
echo 'LICENSES<<EOF' >> $GITHUB_OUTPUT
echo $LICENSES >> $GITHUB_OUTPUT
echo 'EOF' >> $GITHUB_OUTPUT
echo $LICENSES
- name: Do test release with goreleaser
uses: goreleaser/goreleaser-action@v3
env:
LICENSES: ${{ steps.create_license_report.outputs.LICENSES }}
with:
args: release --clean --snapshot --skip-publish
- name: Output compiled licenses
run: |
chmod +x build/snyk-ls_linux_amd64_v1/snyk-ls
build/snyk-ls_linux_amd64_v1/snyk-ls -licenses
- name: Dry-run upload script
env:
AWS_REGION: ${{ secrets.AWS_REGION }}
AWS_S3_BUCKET_NAME: ${{ secrets.AWS_S3_BUCKET_NAME }}
run: |
.github/upload-to-s3.sh --dryrun