Update dependency bootstrap to v5 [SECURITY] #12369
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: CI | |
on: | |
push: | |
branches: | |
- master | |
- release | |
- release-candidate | |
pull_request: | |
jobs: | |
python-tests: | |
runs-on: ubuntu-22.04 | |
services: | |
db: | |
image: postgres:16.3 | |
# Health checks to wait until postgres has started | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
env: | |
POSTGRES_USER: postgres | |
POSTGRES_PASSWORD: postgres # pragma: allowlist secret | |
POSTGRES_DB: postgres | |
ports: | |
- 5432:5432 | |
redis: | |
image: redis:5.0.8 | |
ports: | |
- 6379:6379 | |
elastic: | |
image: docker.elastic.co/elasticsearch/elasticsearch:6.8.23 | |
env: | |
network.host: "0.0.0.0" | |
http.cors.enabled: "true" | |
http.cors.allow-origin: "*" | |
rest.action.multi.allow_explicit_index: "false" | |
ES_JAVA_OPTS: -Xms512m -Xmx512m" | |
ports: | |
- 9200:9200 | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 | |
- name: update | |
run: sudo apt-get update -y | |
- name: Apt install | |
run: cat Aptfile | sudo xargs apt-get install | |
- name: Install poetry | |
uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1 | |
with: | |
version: 1.5.1 | |
virtualenvs-create: true | |
virtualenvs-in-project: true | |
- name: Set up Python | |
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5 | |
with: | |
python-version: "3.12.5" | |
cache: "poetry" | |
- name: Install dependencies | |
run: poetry install --no-interaction | |
# Configurations required for elasticsearch. | |
- name: Configure sysctl limits | |
run: | | |
sudo swapoff -a | |
sudo sysctl -w vm.swappiness=1 | |
sudo sysctl -w fs.file-max=262144 | |
sudo sysctl -w vm.max_map_count=262144 | |
- name: Runs Elasticsearch | |
uses: elastic/elastic-github-actions/elasticsearch@master | |
with: | |
stack-version: 6.7.1 | |
- name: Tests | |
run: | | |
export MEDIA_ROOT="$(mktemp -d)" | |
sudo mkdir /var/media | |
sudo chown -R $USER:$USER /var/media | |
poetry run ./scripts/test/python_tests.sh | |
env: | |
OCW_STUDIO_DB_DISABLE_SSL: "True" | |
OCW_STUDIO_SECURE_SSL_REDIRECT: "False" | |
CELERY_TASK_ALWAYS_EAGER: "True" | |
CELERY_BROKER_URL: redis://localhost:6379/4 | |
CELERY_RESULT_BACKEND: redis://localhost:6379/4 | |
DATABASE_URL: postgres://postgres:postgres@localhost:5432/postgres # pragma: allowlist secret | |
DEBUG: "False" | |
MAILGUN_SENDER_DOMAIN: "fake.example.com" | |
MAILGUN_KEY: "fake" | |
NODE_ENV: "production" | |
OCW_STUDIO_BASE_URL: "http://localhost:8043/" | |
SOCIAL_AUTH_SAML_LOGIN_URL: "fake.example.com/login/saml/" | |
SECRET_KEY: "secret" # pragma: allowlist secret | |
CONTENT_SYNC_BACKEND: | |
frontend-tests: | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 | |
- name: Setup NodeJS | |
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4 | |
with: | |
node-version: 20 | |
cache: yarn | |
- name: Install dependencies | |
run: yarn install --immutable | |
- name: Lints | |
run: npm run lint | |
- name: Code formatting | |
run: npm run fmt:check | |
- name: Scss lint | |
run: npm run scss_lint | |
- name: Typechecking | |
run: npm run typecheck | |
- name: Tests | |
run: npm run test:coverage | |
env: | |
NODE_ENV: development | |
- name: Webpack build | |
run: npm run build |