upgrade tomcat-embed-core from 10.1.31 to 10.1.34 for CVE-2024-50379 #2673
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: main | |
on: [pull_request, push] | |
jobs: | |
pre-process: | |
name: Pre-process | |
uses: vmware/singleton/.github/workflows/pre-process.yml@devops | |
check-header: | |
name: Check Header | |
needs: pre-process | |
if: needs.pre-process.outputs.were-only-docs-updated != 'yes' | |
uses: vmware/singleton/.github/workflows/check.yml@devops | |
unit-test: | |
name: Unit Test | |
runs-on: ubuntu-latest | |
needs: pre-process | |
if: needs.pre-process.outputs.were-only-docs-updated != 'yes' | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v2 | |
- name: Set up JDK | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'adopt' | |
java-version: '17' | |
- name: Unit test | |
run: | | |
cd $GITHUB_WORKSPACE/g11n-ws | |
./gradlew test jacocoTestReport | |
- name: Upload Codecov report for vip-manager-i18n | |
uses: codecov/codecov-action@v2 | |
with: | |
files: ./g11n-ws/vip-manager-i18n/build/reports/jacoco.xml | |
flags: vip-manager-i18n | |
- name: Upload Codecov report for vip-manager-l10n | |
uses: codecov/codecov-action@v2 | |
with: | |
files: ./g11n-ws/vip-manager-l10n/build/reports/jacoco.xml | |
flags: vip-manager-l10n | |
- name: Upload Codecov report for vip-manager-lite-i18n | |
uses: codecov/codecov-action@v2 | |
with: | |
files: ./g11n-ws/vip-manager-lite-i18n/build/reports/jacoco.xml | |
flags: vip-manager-lite-i18n | |
security-analysis: | |
name: Security Analysis | |
runs-on: ubuntu-latest | |
needs: pre-process | |
if: needs.pre-process.outputs.were-only-docs-updated != 'yes' | |
permissions: | |
actions: read | |
contents: read | |
security-events: write | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
- name: Set up JDK | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'adopt' | |
java-version: '17' | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v2 | |
- name: Autobuild | |
uses: github/codeql-action/autobuild@v2 | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v2 | |
codacy-analysis-cli: | |
name: Codacy Analysis CLI | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@main | |
- name: Run Codacy Analysis CLI | |
uses: codacy/codacy-analysis-cli-action@master | |
with: | |
output: results.sarif | |
format: sarif | |
gh-code-scanning-compat: true | |
max-allowed-issues: 2147483647 | |
- name: Clean duplicates | |
run: | | |
jq '.runs |= unique_by({tool, invocations, results})' results.sarif > final-results.sarif | |
- name: Upload SARIF results file | |
uses: github/codeql-action/upload-sarif@main | |
with: | |
sarif_file: final-results.sarif | |
smoke-test: | |
name: Smoke Test | |
runs-on: ubuntu-latest | |
needs: pre-process | |
if: needs.pre-process.outputs.were-only-docs-updated != 'yes' | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v2 | |
- name: Set up JDK | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'adopt' | |
java-version: '17' | |
- name: Smoke Test | |
run: | | |
git clone --branch=devops https://github.com/vmware/singleton.git devops | |
cd $GITHUB_WORKSPACE/g11n-ws && ./gradlew build -x test | |
cp $GITHUB_WORKSPACE/devops/deploy/i18n-service/Dockerfile $GITHUB_WORKSPACE/publish/ | |
cd $GITHUB_WORKSPACE/publish && ls | |
mv singleton-[0~9]*.jar i18n-service.jar && ls | |
docker build -t singleton . | |
docker run -d -p 8090:8090 --name singleton singleton | |
docker ps | |
cd $GITHUB_WORKSPACE/devops/autotest/service/i18n-service/APITest && $GITHUB_WORKSPACE/g11n-ws/gradlew build | |
docker cp l10n singleton:/ | |
str=$(printf '=%.0s' {1..50}) | |
echo $str Smoke Test Start $str | |
date | |
locale | |
sleep 10 | |
java -cp "target/*:resource/*" org.testng.TestNG testng.xml || test_status=$? | |
if [[ ${test_status} -ne 0 ]]; then | |
docker logs singleton | |
exit ${test_status} | |
fi | |
echo $str Smoke Test End $str | |
performance-test: | |
name: Performance Test | |
runs-on: ubuntu-latest | |
needs: pre-process | |
if: needs.pre-process.outputs.were-only-docs-updated != 'yes' | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v2 | |
- name: Set up JDK | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'adopt' | |
java-version: '17' | |
- name: Set up Python3 | |
uses: actions/setup-python@v4 | |
with: | |
python-version: '3.10' | |
- name: Performance Test | |
run: | | |
git clone --branch=devops https://github.com/vmware/singleton.git devops | |
cd $GITHUB_WORKSPACE/g11n-ws && ./gradlew build -x test | |
cp $GITHUB_WORKSPACE/devops/performancetest/Dockerfile $GITHUB_WORKSPACE/publish/ | |
cd $GITHUB_WORKSPACE/publish && ls | |
mv singleton-[0~9]*.jar i18n-service.jar && ls | |
cp -r $GITHUB_WORKSPACE/devops/performancetest/resource/l10n l10n | |
docker build -t singleton . | |
docker run -d -p 8090:8090 --name singleton singleton | |
docker ps | |
str=$(printf '=%.0s' {1..50}) | |
cd $GITHUB_WORKSPACE/devops/performancetest | |
pip install -r requirements.txt | |
python performance.py |