Skip to content

[Snyk] Security upgrade sqlparse from 0.4.4 to 0.5.0 #22

[Snyk] Security upgrade sqlparse from 0.4.4 to 0.5.0

[Snyk] Security upgrade sqlparse from 0.4.4 to 0.5.0 #22

Workflow file for this run

name: Build and Upload pluto-atomresponder
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
checks: write
pull-requests: write
packages: write
services:
postgres:
image: postgres:9.6-alpine
env:
POSTGRES_DB: atomresponder
POSTGRES_USER: atomresponder
POSTGRES_PASSWORD: atomresponder
POSTGRES_HOST_AUTH_METHOD: trust
ports:
- 5432:5432
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
env:
POSTGRES_DB: atomresponder
POSTGRES_USER: atomresponder
POSTGRES_PASSWORD: atomresponder
POSTGRES_HOST_AUTH_METHOD: trust
DB_HOST: localhost
steps:
- uses: actions/checkout@v3
- name: Set up Python 3.8
uses: actions/setup-python@v3
with:
python-version: "3.8"
- name: Install dependencies
run: |
sudo apt-get install postgresql postgresql-contrib libffi-dev libxml2-utils libxslt-dev
git submodule init
git submodule update
python -m pip install --upgrade pip
pip install -r requirements.txt awscli django_nose coverage
pip install -r gnmvidispine/requirements.txt
- name: Make GITHUB_RUN_NUMBER env var available outside of shells
working-directory: ${{env.GITHUB_WORKSPACE}}
shell: bash
run: |
echo GITHUB_RUN_NUMBER=$(( GITHUB_RUN_NUMBER + 154 ))>> $GITHUB_ENV
- run: cd gnmvidispine && CIRCLE_BUILD_NUM=${{ env.GITHUB_RUN_NUMBER }} python ./setup.py install && cd ..
- name: Run Tests
run: |
python ./manage.py test
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: ${{ secrets.AWS_REGION }}
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
role-session-name: GHA-build
- name: ECR Login
run: aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- run: docker build . -t "guardianmultimedia/pluto-atomresponder:${{ env.GITHUB_RUN_NUMBER }}"
- name: Tag Docker image pluto-atomresponder
run: docker tag guardianmultimedia/pluto-atomresponder:${{ env.GITHUB_RUN_NUMBER }} ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/pluto-atomresponder:${{ env.GITHUB_RUN_NUMBER }}
- name: Push Docker image pluto-atomresponder
run: docker push ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/pluto-atomresponder:${{ env.GITHUB_RUN_NUMBER }}
- name: Output build-info.yaml
uses: fredex42/[email protected]
with:
builtimage: AWS_ACCOUNT_ID.dkr.ecr.AWS_REGION.amazonaws.com/pluto-atomresponder:${{ env.GITHUB_RUN_NUMBER }}
token: ${{ secrets.GITHUB_TOKEN }}
- name: Check the output
run: cat build-info.yaml
- name: Upload build info
uses: actions/upload-artifact@v3
with:
name: build-info
path: build-info.yaml