[Snyk] Security upgrade swagger-ui-react from 4.12.0 to 4.16.1 #17952
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- "master" | |
- "release-*" | |
- "!release-2.8" | |
pull_request: | |
branches: | |
- "master" | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
permissions: | |
contents: read | |
jobs: | |
tests: | |
name: Unit Tests | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: "1.21" | |
cache: true | |
- run: make test STATIC_FILES=false GOTEST='go test -p 20 -covermode=atomic -coverprofile=coverage.out' | |
# engineers just ignore this in PRs, so lets not even run it | |
- run: bash <(curl -s https://codecov.io/bash) | |
if: github.ref == 'refs/heads/master' | |
argoexec-image: | |
name: argoexec-image | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
# needs: [ lint ] | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: docker/setup-buildx-action@v2 | |
- name: Build and export | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
tags: quay.io/argoproj/argoexec:latest | |
outputs: type=docker,dest=/tmp/argoexec_image.tar | |
target: argoexec | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: argoexec | |
path: /tmp/argoexec_image.tar | |
if-no-files-found: error | |
e2e-tests: | |
name: E2E Tests | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
needs: [ argoexec-image ] | |
env: | |
KUBECONFIG: /home/runner/.kubeconfig | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- test: test-executor | |
profile: minimal | |
- test: test-corefunctional | |
profile: minimal | |
- test: test-functional | |
profile: minimal | |
- test: test-api | |
profile: mysql | |
- test: test-cli | |
profile: mysql | |
- test: test-cron | |
profile: minimal | |
- test: test-examples | |
profile: minimal | |
- test: test-plugins | |
profile: plugins | |
- test: test-java-sdk | |
profile: minimal | |
- test: test-python-sdk | |
profile: minimal | |
- test: test-executor | |
install_k3s_version: v1.25.11-k3s1 | |
profile: minimal | |
- test: test-corefunctional | |
install_k3s_version: v1.25.11-k3s1 | |
profile: minimal | |
- test: test-functional | |
install_k3s_version: v1.25.11-k3s1 | |
profile: minimal | |
steps: | |
- name: Install socat | |
# needed by Kubernetes v1.25 | |
run: sudo apt-get -y install socat | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: "1.21" | |
cache: true | |
- uses: actions/setup-java@v3 | |
if: ${{matrix.test == 'test-java-sdk'}} | |
with: | |
java-version: '8' | |
distribution: adopt | |
cache: maven | |
- uses: actions/setup-python@v4 | |
if: ${{matrix.test == 'test-python-sdk'}} | |
with: | |
python-version: '3.x' | |
cache: pip | |
- name: Install and start K3S | |
run: | | |
if ! echo "${{ matrix.install_k3s_version }}" | egrep '^v[0-9]+\.[0-9]+\.[0-9]+\+k3s1$'; then | |
export INSTALL_K3S_VERSION=v1.27.2+k3s1 | |
else | |
export INSTALL_K3S_VERSION=${{ matrix.install_k3s_version }} | |
fi | |
curl -sfL https://get.k3s.io | INSTALL_K3S_CHANNEL=stable INSTALL_K3S_EXEC=--docker K3S_KUBECONFIG_MODE=644 sh - | |
until kubectl --kubeconfig=/etc/rancher/k3s/k3s.yaml cluster-info ; do sleep 10s ; done | |
cp /etc/rancher/k3s/k3s.yaml /home/runner/.kubeconfig | |
echo "- name: fake_token_user" >> $KUBECONFIG | |
echo " user:" >> $KUBECONFIG | |
echo " token: xxxxxx" >> $KUBECONFIG | |
until kubectl cluster-info ; do sleep 10s ; done | |
- uses: actions/download-artifact@v3 | |
name: Download argoexec image | |
with: | |
name: argoexec | |
path: /tmp | |
- run: docker load < /tmp/argoexec_image.tar | |
name: Load argoexec image | |
- name: Set-up /etc/hosts | |
run: | | |
echo '127.0.0.1 dex' | sudo tee -a /etc/hosts | |
echo '127.0.0.1 minio' | sudo tee -a /etc/hosts | |
echo '127.0.0.1 postgres' | sudo tee -a /etc/hosts | |
echo '127.0.0.1 mysql' | sudo tee -a /etc/hosts | |
echo '127.0.0.1 azurite' | sudo tee -a /etc/hosts | |
- run: make install PROFILE=${{matrix.profile}} STATIC_FILES=false | |
name: Install manifests | |
- run: make controller kit STATIC_FILES=false | |
name: Build controller | |
- run: make cli STATIC_FILES=false | |
if: ${{matrix.test == 'test-api' || matrix.test == 'test-cli' || matrix.test == 'test-java-sdk' || matrix.test == 'test-python-sdk'}} | |
name: Build CLI | |
- run: make start PROFILE=${{matrix.profile}} AUTH_MODE=client STATIC_FILES=false LOG_LEVEL=info API=${{matrix.test == 'test-api' || matrix.test == 'test-cli' || matrix.test == 'test-java-sdk' || matrix.test == 'test-python-sdk'}} UI=false > /tmp/argo.log 2>&1 & | |
name: Start controller/API | |
- run: make wait API=${{matrix.test == 'test-api' || matrix.test == 'test-cli' || matrix.test == 'test-java-sdk' || matrix.test == 'test-python-sdk'}} | |
timeout-minutes: 4 | |
name: Wait for controller to be up | |
- name: Run tests ${{matrix.test}} | |
run: make ${{matrix.test}} E2E_SUITE_TIMEOUT=20m STATIC_FILES=false | |
- if: ${{ failure() }} | |
name: MinIO/MySQL deployment | |
run: | | |
set -eux | |
kubectl get deploy | |
kubectl describe deploy | |
- if: ${{ failure() }} | |
name: MinIO/MySQL pods | |
run: | | |
set -eux | |
kubectl get pods -l '!workflows.argoproj.io/workflow' | |
kubectl describe pods -l '!workflows.argoproj.io/workflow' | |
- if: ${{ failure() }} | |
name: MinIO/MySQL logs | |
run: kubectl logs -l '!workflows.argoproj.io/workflow' --prefix | |
- if: ${{ failure() }} | |
name: Controller/API logs | |
run: | | |
[ -e /tmp/argo.log ] && cat /tmp/argo.log | |
- if: ${{ failure() }} | |
name: Workflows | |
run: | | |
set -eux | |
kubectl get wf | |
kubectl describe wf | |
- if: ${{ failure() }} | |
name: Workflow pods | |
run: | | |
set -eux | |
kubectl get pods -l workflows.argoproj.io/workflow | |
kubectl describe pods -l workflows.argoproj.io/workflow | |
- if: ${{ failure() }} | |
name: Wait container logs | |
run: kubectl logs -c wait -l workflows.argoproj.io/workflow --prefix | |
codegen: | |
name: Codegen | |
runs-on: ubuntu-latest | |
needs: [ tests ] | |
timeout-minutes: 20 | |
env: | |
GOPATH: /home/runner/go | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: "1.21" | |
cache: true | |
- name: Install protoc | |
run: | | |
set -eux -o pipefail | |
curl -OL https://github.com/protocolbuffers/protobuf/releases/download/v3.19.4/protoc-3.19.4-linux-x86_64.zip | |
sudo unzip -o protoc-3.19.4-linux-x86_64.zip -d /usr/local bin/protoc | |
sudo unzip -o protoc-3.19.4-linux-x86_64.zip -d /usr/local 'include/*' | |
sudo chmod +x /usr/local/bin/protoc | |
sudo find /usr/local/include -type f | xargs sudo chmod a+r | |
sudo find /usr/local/include -type d | xargs sudo chmod a+rx | |
ls /usr/local/include/google/protobuf/ | |
- run: | | |
docker pull openapitools/openapi-generator-cli:v5.4.0 & | |
docker pull openapitools/openapi-generator-cli:v5.2.1 & | |
- name: Create links | |
run: | | |
mkdir -p /home/runner/go/src/github.com/argoproj | |
ln -s "$PWD" /home/runner/go/src/github.com/argoproj/argo-workflows | |
- run: make codegen -B STATIC_FILES=false | |
- run: git diff --exit-code | |
lint: | |
name: Lint | |
runs-on: ubuntu-latest | |
needs: [ tests, codegen ] | |
timeout-minutes: 10 | |
env: | |
GOPATH: /home/runner/go | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: "1.21" | |
cache: true | |
- run: make lint STATIC_FILES=false | |
- run: git diff --exit-code | |
ui: | |
name: UI | |
runs-on: ubuntu-latest | |
timeout-minutes: 6 | |
env: | |
NODE_OPTIONS: --max-old-space-size=4096 | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: "20" # change in all GH Workflows | |
cache: yarn | |
cache-dependency-path: ui/yarn.lock | |
- run: yarn --cwd ui install | |
- run: yarn --cwd ui build | |
- run: yarn --cwd ui test | |
- run: yarn --cwd ui lint | |
- run: git diff --exit-code | |
# check to see if it'll start (but not if it'll render) | |
- run: yarn --cwd ui start & | |
- run: until curl http://localhost:8080 > /dev/null ; do sleep 10s ; done | |
timeout-minutes: 1 |