Skip to content

update err handling #271

update err handling

update err handling #271

Workflow file for this run

name: Build
on:
#schedule:
# - cron: '0 2 * * *'
push:
workflow_dispatch:
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
test:
name: Build and push image
runs-on: ubuntu-latest
steps:
-
name: Checkout source
uses: actions/checkout@v3
# -
# name: Start minikube
# id: minikube
# run: |
# curl -L https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 -o /tmp/minikube-linux-amd64
# sudo install /tmp/minikube-linux-amd64 /usr/local/bin/minikube
# minikube start --kubernetes-version=v1.20.15 --embed-certs --wait all --cni auto
-
name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.9
-
name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install -r requirements.txt
python -m pip install tox tox-gh-actions pytest
# -
# name: Create .env
# uses: 1arp/[email protected]
# with:
# path: 'tests'
# file: '.env'
# content: |
# AWSED_API_BASE_URL=
# AWSED_API_KEY=
# AWSED_API_ACTIVE_USERS_RESOURCE_PATH=
-
name: Run unit tests
run: tox
-
name: Run integration tests
run: pytest
- name: Log in to registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate tags and labels
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Build and push image
uses: docker/build-push-action@v4
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Scan for vulnerabilities
uses: crazy-max/ghaction-container-scan@v3
with:
image: ${{ steps.meta.outputs.tags }}
- name: Filter out non-critical vulns
run: |
mv /tmp/container-scan*/ /tmp/container-scan/ && cat /tmp/container-scan/result.json | jq '.Results[0].Vulnerabilities[] | select(.Severity=="CRITICAL")' > /tmp/container-scan/critical.json
- name: Archive container scan results
uses: actions/upload-artifact@v3
with:
name: container-scan-results
path: |
/tmp/container-scan*