Skip to content

Bump flask from 2.3.2 to 2.3.3 in /nap-dos #85

Bump flask from 2.3.2 to 2.3.3 in /nap-dos

Bump flask from 2.3.2 to 2.3.3 in /nap-dos #85

Workflow file for this run

name: CI
on:
push:
branches:
- main
tags:
- 'v[0-9]+.[0-9]+.[0-9]+'
pull_request:
branches:
- main
env:
PLATFORMS: "linux/amd64, linux/arm64, linux/s390x, linux/ppc64le"
concurrency:
group: ${{ github.ref_name }}-ci
cancel-in-progress: true
jobs:
build:
name: Build Binaries TCP/UDP
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Setup Golang Environment
uses: actions/setup-go@v4
with:
go-version-file: go.mod
- name: Build binary
uses: goreleaser/goreleaser-action@v4
with:
version: latest
args: build --clean ${{ !startsWith(github.ref, 'refs/tags/') && '--snapshot' || '' }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GOPATH: ${{ needs.checks.outputs.go_path }}
- name: Store Artifacts in Cache
uses: actions/cache@v3
with:
path: ${{ github.workspace }}/dist
key: test-containers-${{ github.run_id }}-${{ github.run_number }}
build-docker:
name: Build Docker Images TCP/UDP
runs-on: ubuntu-22.04
needs: build
strategy:
matrix:
type: [tcp, udp]
steps:
- name: Checkout Repository
uses: actions/checkout@v3
- name: Fetch Cached Artifacts
uses: actions/cache@v3
with:
path: ${{ github.workspace }}/dist
key: test-containers-${{ github.run_id }}-${{ github.run_number }}
- name: Setup QEMU
uses: docker/setup-qemu-action@v2
with:
platforms: arm64,ppc64le,s390x
if: github.event_name != 'pull_request'
- name: Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
if: github.event_name != 'pull_request'
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: |
ghcr.io/nginxinc/kic-test-${{ matrix.type }}-server
tags: |
type=edge
type=ref,event=pr
type=semver,pattern={{version}}
labels: |
org.opencontainers.image.description=KIC Test ${{ matrix.type }} Server
- name: Build Docker image
uses: docker/build-push-action@v4
id: build-push
with:
file: ${{ matrix.type }}/Dockerfile
context: '.'
cache-from: type=gha,scope=${{ matrix.type }}
cache-to: type=gha,scope=${{ matrix.type }},mode=max
target: goreleaser
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: ${{ github.event_name != 'pull_request' && env.PLATFORMS || '' }}
load: ${{ github.event_name == 'pull_request' }}
push: ${{ github.event_name != 'pull_request' }}
pull: true
no-cache: ${{ github.event_name != 'pull_request' }}
- name: Run Grype vulnerability scanner
uses: anchore/scan-action@v3
continue-on-error: true
id: scan
with:
image: ghcr.io/nginxinc/kic-test-${{ matrix.type }}-server:${{ steps.meta.outputs.version }}
only-fixed: true
add-cpes-if-none: true
- name: upload Anchore scan SARIF report
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
build-grpc:
name: Build Docker Image gRPC
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v3
- name: Setup QEMU
uses: docker/setup-qemu-action@v2
with:
platforms: arm64,ppc64le,s390x
if: github.event_name != 'pull_request'
- name: Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
if: github.event_name != 'pull_request'
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: |
ghcr.io/nginxinc/kic-test-grpc-server
tags: |
type=edge
type=ref,event=pr
type=semver,pattern={{version}}
labels: |
org.opencontainers.image.description=KIC Test gRPC Server
- name: Build Docker image
uses: docker/build-push-action@v4
id: build-push
with:
file: grpc/Dockerfile
context: '.'
cache-from: type=gha,scope=grpc
cache-to: type=gha,scope=grpc,mode=max
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: ${{ github.event_name != 'pull_request' && env.PLATFORMS || '' }}
load: ${{ github.event_name == 'pull_request' }}
push: ${{ github.event_name != 'pull_request' }}
pull: true
no-cache: ${{ github.event_name != 'pull_request' }}
- name: Run Grype vulnerability scanner
uses: anchore/scan-action@v3
continue-on-error: true
id: scan
with:
image: ghcr.io/nginxinc/kic-test-grpc-server:${{ steps.meta.outputs.version }}
only-fixed: true
add-cpes-if-none: true
- name: upload Anchore scan SARIF report
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
build-dos-server:
name: Build Docker Image DOS Server
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v3
- name: Setup QEMU
uses: docker/setup-qemu-action@v2
with:
platforms: arm64,ppc64le,s390x
if: github.event_name != 'pull_request'
- name: Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
if: github.event_name != 'pull_request'
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: |
ghcr.io/nginxinc/kic-test-dos-server
tags: |
type=edge
type=ref,event=pr
type=semver,pattern={{version}}
labels: |
org.opencontainers.image.description=KIC Test DOS Server
- name: Build Docker image
uses: docker/build-push-action@v4
id: build-push
with:
file: nap-dos/Dockerfile
context: '.'
cache-from: type=gha,scope=dos-server
cache-to: type=gha,scope=dos-server,mode=max
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: ${{ github.event_name != 'pull_request' && env.PLATFORMS || '' }}
load: ${{ github.event_name == 'pull_request' }}
push: ${{ github.event_name != 'pull_request' }}
pull: true
no-cache: ${{ github.event_name != 'pull_request' }}
- name: Run Grype vulnerability scanner
uses: anchore/scan-action@v3
continue-on-error: true
id: scan
with:
image: ghcr.io/nginxinc/kic-test-dos-server:${{ steps.meta.outputs.version }}
only-fixed: true
add-cpes-if-none: true
- name: upload Anchore scan SARIF report
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ${{ steps.scan.outputs.sarif }}