Skip to content

Audit

Audit #1454

Workflow file for this run

name: Audit
on:
schedule:
- cron: '30 2 * * *'
jobs:
audit:
name: Audit
runs-on: ubuntu-22.04
timeout-minutes: 10
strategy:
fail-fast: false
matrix:
branch:
- '1.15'
- '1.17'
- '1.18'
- '1.19'
- '1.20'
steps:
- run: pip install pyOpenSSL --upgrade
- uses: actions/checkout@v4
with:
ref: ${{ matrix.branch }}
token: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
- uses: camptocamp/initialise-gopass-summon-action@v2
with:
ci-gpg-private-key: ${{secrets.CI_GPG_PRIVATE_KEY}}
github-gopass-ci-token: ${{secrets.GOPASS_CI_GITHUB_TOKEN}}
- run: python3 -m venv ~/.venv
- run: ~/.venv/bin/pip install --pre c2cciutils[audit]
- run: python3 -m pip install --pre c2cciutils[audit]
- name: Check .tool-versions file existence
id: tool-versions
uses: andstor/file-existence-action@v3
with:
files: .tool-versions
- uses: asdf-vm/actions/install@v3
if: steps.tool-versions.outputs.files_exists == 'true'
- run: cat /tmp/python-build.*.log
if: failure()
- run: python --version
- name: Snyk audit
run: ~/.venv/bin/c2cciutils-audit --branch=${{ matrix.branch }}
env:
GITHUB_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
- name: Check ci/dpkg-versions.yaml file existence
id: dpkg-versions
uses: andstor/file-existence-action@v3
with:
files: ci/dpkg-versions.yaml
- name: Update dpkg packages versions
run: ~/.venv/bin/c2cciutils-docker-versions-update --branch=${{ matrix.branch }}
env:
GITHUB_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
if: steps.dpkg-versions.outputs.files_exists == 'true'