Skip to content

[branch-2.10][authentication] Update original auth data after auth data refresh #9250

[branch-2.10][authentication] Update original auth data after auth data refresh

[branch-2.10][authentication] Update original auth data after auth data refresh #9250

#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
name: CI - Misc - OWASP Dependency Check
on:
pull_request:
branches:
- branch-*
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3
jobs:
owasp-dep-check:
name:
runs-on: ubuntu-latest
timeout-minutes: 120
steps:
- name: checkout
uses: actions/checkout@v2
- name: Tune Runner VM
uses: ./.github/actions/tune-runner-vm
- name: Detect changed pom files
id: changes
uses: apache/pulsar-test-infra/paths-filter@master
with:
filters: |
poms:
- 'pom.xml'
- '**/pom.xml'
- 'src/owasp-dependency-check-false-positives.xml'
- 'src/owasp-dependency-check-suppressions.xml'
- name: Cache local Maven repository
if: ${{ steps.changes.outputs.poms == 'true' }}
uses: actions/cache@v2
with:
path: |
~/.m2/repository/*/*/*
!~/.m2/repository/org/apache/pulsar
key: ${{ runner.os }}-m2-dependencies-all-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-m2-dependencies-core-modules-${{ hashFiles('**/pom.xml') }}
${{ runner.os }}-m2-dependencies-core-modules-
- name: Set up JDK 11
uses: actions/setup-java@v2
if: ${{ steps.changes.outputs.poms == 'true' }}
with:
distribution: 'temurin'
java-version: 11
- name: clean disk
if: ${{ steps.changes.outputs.poms == 'true' }}
run: |
sudo swapoff -a
sudo rm -rf /swapfile /usr/share/dotnet /usr/local/lib/android /opt/ghc
sudo apt clean
docker rmi $(docker images -q) -f
df -h
# Projects dependent on flume, hdfs, hbase, and presto currently excluded from the scan.
- name: run "clean install verify" to trigger dependency check
if: ${{ steps.changes.outputs.poms == 'true' }}
run: mvn -q -B -ntp clean install verify -PskipDocker,owasp-dependency-check -DskipTests -pl '!pulsar-sql,!distribution/io,!distribution/offloaders,!tiered-storage/file-system,!pulsar-io/flume,!pulsar-io/hbase,!pulsar-io/hdfs2,!pulsar-io/hdfs3,!pulsar-io/docs'
- name: Upload report
uses: actions/upload-artifact@v2
if: ${{ cancelled() || failure() }}
continue-on-error: true
with:
name: dependency report
path: target/dependency-check-report.html