Skip to content

fix: docker/Dockerfile-base to reduce vulnerabilities #897

fix: docker/Dockerfile-base to reduce vulnerabilities

fix: docker/Dockerfile-base to reduce vulnerabilities #897

Workflow file for this run

# run test suites
name: Tests
on:
- pull_request
- push
- workflow_dispatch
jobs:
# see: https://github.com/fkirc/skip-duplicate-actions
skip_duplicate:
continue-on-error: true
runs-on: ubuntu-latest
outputs:
should_skip: ${{ steps.skip_duplicate.outputs.should_skip && ! contains(github.ref, 'refs/tags') && ! contains(github.ref, 'refs/heads/master') }}
steps:
- uses: fkirc/skip-duplicate-actions@master
with:
concurrent_skipping: "same_content"
skip_after_successful_duplicate: "true"
do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]'
# see: https://github.com/actions/setup-python
tests:
needs: skip_duplicate
if: ${{ needs.skip_duplicate.outputs.should_skip != 'true' }}
runs-on: ${{ matrix.os }}
continue-on-error: ${{ matrix.allow-failure }}
env:
# override make command to install directly in active python
CONDA_COMMAND: ""
strategy:
matrix:
os: [ubuntu-latest]
python-version: ["3.9", "3.10", "3.11", "3.12"]
allow-failure: [false]
test-case: [test-only] # add other test variations to run for every python/os/failure combinations
# tests with single run
include:
# linter tests
- os: ubuntu-latest
python-version: "3.10"
allow-failure: false
test-case: check-only
# docker smoke tests
- os: ubuntu-latest
python-version: "3.10"
allow-failure: false
test-case: test-docker
# coverage tests
- os: ubuntu-latest
python-version: "3.10"
allow-failure: false
test-case: coverage
steps:
- uses: actions/checkout@v2
with:
fetch-depth: "0"
- name: Setup Python
uses: actions/setup-python@v2
with:
python-version: "${{ matrix.python-version }}"
# Prepare workspace dir for tests that require access permissions
- name: Prepare Test Environment
uses: falti/[email protected]
id: dotenv
with:
path: ./docker/.env.example
keys-case: bypass
- name: Prepare Workspace
run: |
sudo mkdir -p "${{ steps.dotenv.outputs.WORKSPACE_DIR }}"
sudo chown -R runner:docker "${{ steps.dotenv.outputs.WORKSPACE_DIR }}"
# skip docker containers startup to avoid pull/up delay if not required by tests
- if: ${{ matrix.test-case == 'coverage' || matrix.test-case == 'test-only' }}
name: Start containers
run: make docker-up-dev-detached docker-config-dev
# preinstall system to ensure latest are available for following dependency resolution
- name: Install System Dependencies
run: make install-sys
- name: Display System Installation Options
run: make install-xargs
- name: Install Package and Test Dependencies
run: make install-pkg install-dev
- if: ${{ matrix.test-case == 'check-only' }}
name: Install Extra Test Dependencies
run: make install-dev
- name: Display Packages
run: pip freeze
- name: Display Version
run: make version
- name: Setup Environment Variables
uses: c-py/action-dotenv-to-setenv@v2
with:
env-file: ./tests/ci/test.env
- name: Display Environment Variables
run: |
hash -r
env | sort
- name: Run Tests
run: make stop ${{ matrix.test-case }}
continue-on-error: false
- name: Upload coverage report
uses: codecov/codecov-action@v2
if: ${{ success() && matrix.test-case == 'coverage' }}
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: ./reports/coverage.xml
fail_ci_if_error: true
verbose: true