Skip to content

Upgrade requirements with security issues #532

Upgrade requirements with security issues

Upgrade requirements with security issues #532

Workflow file for this run

name: CI
on:
- push
- pull_request
permissions:
contents: read
env:
COLUMNS: 160
jobs:
get-changed-files:
name: Get Changed Files
runs-on: ubuntu-latest
permissions:
contents: read # for dorny/paths-filter to fetch a list of changed files
pull-requests: read # for dorny/paths-filter to read pull requests
outputs:
changed-files: ${{ toJSON(steps.changed-files.outputs) }}
steps:
- uses: actions/checkout@v3
- name: Get Changed Files
id: changed-files
uses: dorny/paths-filter@v2
with:
token: ${{ github.token }}
list-files: json
filters: |
repo:
- added|modified:
- '**'
deleted:
- deleted:
- '**'
docs:
- doc/**
state-tree:
- added|modified: &state_tree_added_modified
- setup.py
- golden-pillar-tree/*
- golden-state-tree/*
- tools/**/*.py
os-images-scripts:
- added|modified: &os_images_scripts
- os-images/files/*
- os-images/AWS/files/*
os-images-rockylinux:
- added|modified:
- *state_tree_added_modified
- *os_images_scripts
- os-images/AWS/rockylinux/*.hcl
os-images-amazonlinux:
- added|modified:
- *state_tree_added_modified
- *os_images_scripts
- os-images/AWS/amazonlinux/*.hcl
os-images-amazonlinux2000:
- added|modified:
- *state_tree_added_modified
- *os_images_scripts
- os-images/AWS/amazonlinux2000/*.hcl
os-images-archlinux:
- added|modified:
- *state_tree_added_modified
- *os_images_scripts
- os-images/AWS/archlinux/*.hcl
os-images-centos:
- added|modified:
- *state_tree_added_modified
- *os_images_scripts
- os-images/AWS/centos/*.hcl
os-images-debian:
- added|modified:
- *state_tree_added_modified
- *os_images_scripts
- os-images/AWS/debian/*.hcl
os-images-fedora:
- added|modified:
- *state_tree_added_modified
- *os_images_scripts
- os-images/AWS/fedora/*.hcl
os-images-opensuse:
- added|modified:
- *state_tree_added_modified
- *os_images_scripts
os-images-photon:
- added|modified:
- *state_tree_added_modified
- *os_images_scripts
- os-images/AWS/photon/*.hcl
os-images-ubuntu:
- added|modified:
- *state_tree_added_modified
- *os_images_scripts
- os-images/AWS/ubuntu/*.hcl
os-images-windows:
- added|modified:
- *state_tree_added_modified
- *os_images_scripts
- os-images/AWS/windows/*.hcl
- name: Set Exit Status
if: always()
run: |
mkdir exitstatus
echo "${{ job.status }}" > exitstatus/${{ github.job }}-changed-files
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
collect-jobs:
name: Collect Jobs To Run
runs-on: ubuntu-latest
needs:
- get-changed-files
outputs:
jobs: ${{ steps.collect-jobs.outputs.jobs }}
runner-version: ${{ steps.collect-jobs.outputs.runner-version }}
steps:
- uses: actions/checkout@v3
- name: Set up Python 3.10
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Install Python Tools Scripts
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
run: |
python3 -m pip install -r requirements/tools.txt
- name: Write Changed Files To A Local File
run:
echo '${{ needs.get-changed-files.outputs.changed-files }}' > changed-files.json
- name: Collect Jobs
id: collect-jobs
run:
tools ci collect-jobs ${{ github.event_name }} changed-files.json
- name: Check It
run:
echo ${{ steps.collect-jobs.outputs.jobs }}
- name: Set Exit Status
if: always()
run: |
mkdir exitstatus
echo "${{ job.status }}" > exitstatus/${{ github.job }}-collect-jobs
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
pre-commit:
name: Pre-Commit
uses: ./.github/workflows/pre-commit-action.yml
if: ${{ fromJSON(needs.collect-jobs.outputs.jobs)['pre-commit'] }}
needs:
- collect-jobs
- get-changed-files
with:
changed-files: ${{ needs.get-changed-files.outputs.changed-files }}
rockylinux:
name: RockyLinux
needs:
- collect-jobs
- get-changed-files
if: ${{ fromJSON(needs.collect-jobs.outputs.jobs)['os-images-rockylinux'] }}
uses: ./.github/workflows/build-image-action.yml
with:
distro-name: rockylinux
changed-files: ${{ needs.get-changed-files.outputs.changed-files }}
runner-version: ${{ needs.collect-jobs.outputs.runner-version }}
amazonlinux:
name: AmazonLinux
needs:
- collect-jobs
- get-changed-files
if: ${{ fromJSON(needs.collect-jobs.outputs.jobs)['os-images-amazonlinux'] }}
uses: ./.github/workflows/build-image-action.yml
with:
distro-name: amazonlinux
changed-files: ${{ needs.get-changed-files.outputs.changed-files }}
runner-version: ${{ needs.collect-jobs.outputs.runner-version }}
amazonlinux2000:
name: AmazonLinux2000
needs:
- collect-jobs
- get-changed-files
if: ${{ fromJSON(needs.collect-jobs.outputs.jobs)['os-images-amazonlinux2000'] }}
uses: ./.github/workflows/build-image-action.yml
with:
distro-name: amazonlinux2000
changed-files: ${{ needs.get-changed-files.outputs.changed-files }}
runner-version: ${{ needs.collect-jobs.outputs.runner-version }}
archlinux:
name: ArchLinux
needs:
- collect-jobs
- get-changed-files
if: ${{ fromJSON(needs.collect-jobs.outputs.jobs)['os-images-archlinux'] }}
uses: ./.github/workflows/build-image-action.yml
with:
distro-name: archlinux
changed-files: ${{ needs.get-changed-files.outputs.changed-files }}
runner-version: ${{ needs.collect-jobs.outputs.runner-version }}
centos:
name: CentOS
needs:
- collect-jobs
- get-changed-files
if: ${{ fromJSON(needs.collect-jobs.outputs.jobs)['os-images-centos'] }}
uses: ./.github/workflows/build-image-action.yml
with:
distro-name: centos
changed-files: ${{ needs.get-changed-files.outputs.changed-files }}
runner-version: ${{ needs.collect-jobs.outputs.runner-version }}
debian:
name: Debian
needs:
- collect-jobs
- get-changed-files
if: ${{ fromJSON(needs.collect-jobs.outputs.jobs)['os-images-debian'] }}
uses: ./.github/workflows/build-image-action.yml
with:
distro-name: debian
changed-files: ${{ needs.get-changed-files.outputs.changed-files }}
runner-version: ${{ needs.collect-jobs.outputs.runner-version }}
fedora:
name: Fedora
needs:
- collect-jobs
- get-changed-files
if: ${{ fromJSON(needs.collect-jobs.outputs.jobs)['os-images-fedora'] }}
uses: ./.github/workflows/build-image-action.yml
with:
distro-name: fedora
changed-files: ${{ needs.get-changed-files.outputs.changed-files }}
runner-version: ${{ needs.collect-jobs.outputs.runner-version }}
opensuse:
name: Opensuse
needs:
- collect-jobs
- get-changed-files
if: ${{ fromJSON(needs.collect-jobs.outputs.jobs)['os-images-opensuse'] }}
uses: ./.github/workflows/build-image-action.yml
with:
distro-name: opensuse
changed-files: ${{ needs.get-changed-files.outputs.changed-files }}
runner-version: ${{ needs.collect-jobs.outputs.runner-version }}
photon:
name: PhotonOS
needs:
- collect-jobs
- get-changed-files
if: ${{ fromJSON(needs.collect-jobs.outputs.jobs)['os-images-photon'] }}
uses: ./.github/workflows/build-image-action.yml
with:
distro-name: photon
changed-files: ${{ needs.get-changed-files.outputs.changed-files }}
runner-version: ${{ needs.collect-jobs.outputs.runner-version }}
ubuntu:
name: Ubuntu
needs:
- collect-jobs
- get-changed-files
if: ${{ fromJSON(needs.collect-jobs.outputs.jobs)['os-images-ubuntu'] }}
uses: ./.github/workflows/build-image-action.yml
with:
distro-name: ubuntu
changed-files: ${{ needs.get-changed-files.outputs.changed-files }}
runner-version: ${{ needs.collect-jobs.outputs.runner-version }}
windows:
name: Windows
needs:
- collect-jobs
- get-changed-files
if: ${{ fromJSON(needs.collect-jobs.outputs.jobs)['os-images-windows'] }}
uses: ./.github/workflows/build-image-action.yml
with:
distro-name: windows
changed-files: ${{ needs.get-changed-files.outputs.changed-files }}
runner-version: ${{ needs.collect-jobs.outputs.runner-version }}
generate-configs:
name: Generate Configuration Files
if: ${{ fromJSON(needs.collect-jobs.outputs.jobs)['generate-configs'] }}
uses: ./.github/workflows/generate-configs-action.yml
needs:
- collect-jobs
- get-changed-files
- rockylinux
- amazonlinux
- amazonlinux2000
- archlinux
- centos
- debian
- fedora
- opensuse
- photon
- ubuntu
- windows
set-pipeline-exit-status:
# This step is just so we can make github require this step, to pass checks
# on a pull request instead of requiring all
name: Set the ${{ github.workflow }} Pipeline Exit Status
runs-on: ubuntu-latest
if: always()
needs:
- collect-jobs
- pre-commit
- generate-configs
steps:
- name: Download Exit Status Files
if: always()
uses: actions/download-artifact@v3
with:
name: exitstatus
path: exitstatus
- name: Delete Exit Status Artifacts
if: always()
uses: geekyeggo/delete-artifact@v2
with:
name: exitstatus
failOnError: false
- name: Set Pipeline Exit Status
run: |
tree exitstatus
grep -RE 'failure|cancelled' exitstatus/ && exit 1 || exit 0
- name: Done
if: always()
run:
echo "All worflows finished"