Skip to content

[Security] remove ujson package (CVE-2022-31116, CVE-2022-31117, CVE-2021-45958) #97

[Security] remove ujson package (CVE-2022-31116, CVE-2022-31117, CVE-2021-45958)

[Security] remove ujson package (CVE-2022-31116, CVE-2022-31117, CVE-2021-45958) #97

Workflow file for this run

name: Indy Plenum - PR Workflow
on:
pull_request:
paths:
- '**'
- "!plenum/__version__.json"
branches:
- main
jobs:
workflow-setup:
name: Initialize Workflow
runs-on: ubuntu-latest
outputs:
CACHE_KEY_BUILD: ${{ steps.setup.outputs.CACHE_KEY_BUILD }}
UBUNTU_VERSION: ${{ steps.setup.outputs.UBUNTU_VERSION }}
# Expose the lowercase version of the GitHub repository name
# to all subsequent jobs that reference image repositories
# as the push and pull operations require the URL of the repository
# to be in lowercase.
GITHUB_REPOSITORY_NAME: ${{ steps.setup.outputs.GITHUB_REPOSITORY_NAME }}
distribution: ${{ steps.setup.outputs.distribution }}
publish: ${{ steps.setup.outputs.publish }}
testsNeeded: ${{ steps.testsNeeded.outputs.testsNeeded }}
steps:
- name: checkout source code
uses: actions/checkout@v4
- name: setup
id: setup
uses: hyperledger/indy-shared-gha/.github/actions/workflow-setup@v1
- name: testsNeeded
id: testsNeeded
uses: dorny/paths-filter@v3
with:
filters: |
testsNeeded:
- '**.py'
- '.github/**'
- 'build-scripts/**'
- 'bump_version.sh'
lint:
name: Lint
needs: [workflow-setup]
if: ${{ needs.workflow-setup.outputs.testsNeeded == 'true' }}
uses: hyperledger/indy-shared-gha/.github/workflows/lint.yaml@v1
build-docker-image:
name: Create Builder Image
needs: [workflow-setup, lint]
uses: hyperledger/indy-shared-gha/.github/workflows/buildimage.yaml@v1
with:
CACHE_KEY_BUILD: ${{ needs.workflow-setup.outputs.CACHE_KEY_BUILD }}
DOCKER_IMAGE: ghcr.io/${{ needs.workflow-setup.outputs.GITHUB_REPOSITORY_NAME }}/plenum-build
UBUNTU_VERSION: ${{ needs.workflow-setup.outputs.UBUNTU_VERSION }}
build_packages:
name: Build Packages
needs: [workflow-setup, build-docker-image]
uses: hyperledger/indy-shared-gha/.github/workflows/buildpackages.yaml@v1
with:
DOCKER_IMAGE: ghcr.io/${{ needs.workflow-setup.outputs.GITHUB_REPOSITORY_NAME }}/plenum-build:${{ needs.workflow-setup.outputs.UBUNTU_VERSION }}
UBUNTU_VERSION: ${{ needs.workflow-setup.outputs.UBUNTU_VERSION }}
isDev: 'true'
isRC: 'false'
moduleName: plenum
plenum_tests:
name: Test Plenum
needs: [workflow-setup, lint, build_packages]
uses: ./.github/workflows/reuseable_test.yaml
with:
GITHUB_REPOSITORY_NAME: ${{ needs.workflow-setup.outputs.GITHUB_REPOSITORY_NAME }}
UBUNTU_VERSION: ${{ needs.workflow-setup.outputs.UBUNTU_VERSION }}
statusCheck:
name: statusCheck
runs-on: ubuntu-latest
needs: [workflow-setup, plenum_tests]
if: ${{ needs.workflow-setup.outputs.testsNeeded == 'false' || success() }}
steps:
- run: 'echo "Just a status Check (Always true, when executed) for branch protection rules(blocks merging while test are running and if tests fail)." '