Skip to content

upgrade tomcat-embed-core from 10.1.31 to 10.1.34 for CVE-2024-50379 #2674

upgrade tomcat-embed-core from 10.1.31 to 10.1.34 for CVE-2024-50379

upgrade tomcat-embed-core from 10.1.31 to 10.1.34 for CVE-2024-50379 #2674

Workflow file for this run

name: main
on: [pull_request, push]
jobs:
pre-process:
name: Pre-process
uses: vmware/singleton/.github/workflows/pre-process.yml@devops
check-header:
name: Check Header
needs: pre-process
if: needs.pre-process.outputs.were-only-docs-updated != 'yes'
uses: vmware/singleton/.github/workflows/check.yml@devops
unit-test:
name: Unit Test
runs-on: ubuntu-latest
needs: pre-process
if: needs.pre-process.outputs.were-only-docs-updated != 'yes'
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Set up JDK
uses: actions/setup-java@v3
with:
distribution: 'adopt'
java-version: '17'
- name: Unit test
run: |
cd $GITHUB_WORKSPACE/g11n-ws
./gradlew test jacocoTestReport
- name: Upload Codecov report for vip-manager-i18n
uses: codecov/codecov-action@v2
with:
files: ./g11n-ws/vip-manager-i18n/build/reports/jacoco.xml
flags: vip-manager-i18n
- name: Upload Codecov report for vip-manager-l10n
uses: codecov/codecov-action@v2
with:
files: ./g11n-ws/vip-manager-l10n/build/reports/jacoco.xml
flags: vip-manager-l10n
- name: Upload Codecov report for vip-manager-lite-i18n
uses: codecov/codecov-action@v2
with:
files: ./g11n-ws/vip-manager-lite-i18n/build/reports/jacoco.xml
flags: vip-manager-lite-i18n
security-analysis:
name: Security Analysis
runs-on: ubuntu-latest
needs: pre-process
if: needs.pre-process.outputs.were-only-docs-updated != 'yes'
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Set up JDK
uses: actions/setup-java@v3
with:
distribution: 'adopt'
java-version: '17'
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
- name: Autobuild
uses: github/codeql-action/autobuild@v2
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
codacy-analysis-cli:
name: Codacy Analysis CLI
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@main
- name: Run Codacy Analysis CLI
uses: codacy/codacy-analysis-cli-action@master
with:
output: results.sarif
format: sarif
gh-code-scanning-compat: true
max-allowed-issues: 2147483647
- name: Clean duplicates
run: |
jq '.runs |= unique_by({tool, invocations, results})' results.sarif > final-results.sarif
- name: Upload SARIF results file
uses: github/codeql-action/upload-sarif@main
with:
sarif_file: final-results.sarif
smoke-test:
name: Smoke Test
runs-on: ubuntu-latest
needs: pre-process
if: needs.pre-process.outputs.were-only-docs-updated != 'yes'
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Set up JDK
uses: actions/setup-java@v3
with:
distribution: 'adopt'
java-version: '17'
- name: Smoke Test
run: |
git clone --branch=devops https://github.com/vmware/singleton.git devops
cd $GITHUB_WORKSPACE/g11n-ws && ./gradlew build -x test
cp $GITHUB_WORKSPACE/devops/deploy/i18n-service/Dockerfile $GITHUB_WORKSPACE/publish/
cd $GITHUB_WORKSPACE/publish && ls
mv singleton-[0~9]*.jar i18n-service.jar && ls
docker build -t singleton .
docker run -d -p 8090:8090 --name singleton singleton
docker ps
cd $GITHUB_WORKSPACE/devops/autotest/service/i18n-service/APITest && $GITHUB_WORKSPACE/g11n-ws/gradlew build
docker cp l10n singleton:/
str=$(printf '=%.0s' {1..50})
echo $str Smoke Test Start $str
date
locale
sleep 10
java -cp "target/*:resource/*" org.testng.TestNG testng.xml || test_status=$?
if [[ ${test_status} -ne 0 ]]; then
docker logs singleton
exit ${test_status}
fi
echo $str Smoke Test End $str
performance-test:
name: Performance Test
runs-on: ubuntu-latest
needs: pre-process
if: needs.pre-process.outputs.were-only-docs-updated != 'yes'
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Set up JDK
uses: actions/setup-java@v3
with:
distribution: 'adopt'
java-version: '17'
- name: Set up Python3
uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: Performance Test
run: |
git clone --branch=devops https://github.com/vmware/singleton.git devops
cd $GITHUB_WORKSPACE/g11n-ws && ./gradlew build -x test
cp $GITHUB_WORKSPACE/devops/performancetest/Dockerfile $GITHUB_WORKSPACE/publish/
cd $GITHUB_WORKSPACE/publish && ls
mv singleton-[0~9]*.jar i18n-service.jar && ls
cp -r $GITHUB_WORKSPACE/devops/performancetest/resource/l10n l10n
docker build -t singleton .
docker run -d -p 8090:8090 --name singleton singleton
docker ps
str=$(printf '=%.0s' {1..50})
cd $GITHUB_WORKSPACE/devops/performancetest
pip install -r requirements.txt
python performance.py