Skip to content
This repository has been archived by the owner on Nov 26, 2024. It is now read-only.

build(deps): bump docker/build-push-action from 2.7.0 to 5.1.0 #255

build(deps): bump docker/build-push-action from 2.7.0 to 5.1.0

build(deps): bump docker/build-push-action from 2.7.0 to 5.1.0 #255

env:
CARGO_TERM_COLOR: always
jobs:
audit:
container:
image: docker://rust:1.60.0-bullseye
name: Cargo Audit
needs:
- clippy
- fmt-check
permissions:
contents: read
runs-on: ubuntu-latest
steps:
-
name: Check Out
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
-
name: Cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with:
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
-
name: Add OS Dependency
run: make add-os-dependency
shell: bash
-
# TODO: Remove this once the `audit` job is stable.
continue-on-error: true
id: audit
name: Audit
run: make audit
shell: bash
timeout-minutes: 30
check:
container:
image: docker://rust:1.60.0-bullseye
name: Cargo Check
needs:
- clippy
- fmt-check
permissions:
contents: read
runs-on: ubuntu-latest
steps:
-
name: Check Out
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
-
name: Cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with:
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
-
name: Add OS Dependency
run: make add-os-dependency
shell: bash
-
name: Check
run: make check
shell: bash
timeout-minutes: 30
deny-check:
container:
image: docker://rust:1.60.0-bullseye
continue-on-error: ${{ matrix.checks == 'advisories' }}
name: Cargo Deny Check
needs:
- clippy
- fmt-check
permissions:
contents: read
runs-on: ubuntu-latest
steps:
-
name: Check Out
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
-
name: Cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with:
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
-
name: Add OS Dependency
run: make add-os-dependency
shell: bash
-
# TODO: Remove this once the `deny-check` job is stable.
continue-on-error: true
env:
DENY_CHECK_WHICH: ${{ matrix.checks }}
id: deny-check
name: Deny Check
run: make deny-check
shell: bash
# -
# name: Deny Check
# uses: EmbarkStudios/cargo-deny-action@0ca727bbae7b7b578b9a5f98186caac35aa2a00d
# with:
# arguments: |-
# --all-features
# --workspace
# command: check ${{ matrix.checks }}
strategy:
matrix:
checks:
- advisories
- bans licenses sources
timeout-minutes: 30
clippy:
container:
image: docker://rust:1.60.0-bullseye
name: Cargo Clippy
permissions:
contents: read
runs-on: ubuntu-latest
steps:
-
name: Check Out
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
-
name: Cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with:
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
-
name: Add OS Dependency
run: make add-os-dependency
shell: bash
-
name: Clippy
run: make clippy
shell: bash
timeout-minutes: 30
coverage:
container:
image: docker://rust:1.60.0-bullseye
name: Coverage
needs:
- clippy
- fmt-check
- test
permissions:
contents: read
runs-on: ubuntu-latest
steps:
-
name: Check Out
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
-
name: Cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with:
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
-
name: Add OS Dependency
run: make add-os-dependency
shell: bash
-
env:
PACKAGE: ${{ matrix.package }}
# TARGET: ${{ matrix.target }}
name: Coverage
run: make coverage
shell: bash
-
name: Coveralls
uses: coverallsapp/github-action@9ba913c152ae4be1327bfb9085dc806cedb44057
with:
flag-name: ${{ matrix.package }}
github-token: ${{ secrets.GITHUB_TOKEN }}
parallel: true
strategy:
matrix:
package:
- fip_api
- fip_at
- fip_jwks
- fip_rt
- fip_user
timeout-minutes: 30
coverage-finished:
needs:
- clippy
- coverage
- fmt-check
- test
permissions:
contents: read
runs-on: ubuntu-latest
steps:
- name: Coveralls Finished
uses: coverallsapp/github-action@9ba913c152ae4be1327bfb9085dc806cedb44057
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
parallel-finished: true
timeout-minutes: 30
fmt-check:
container:
image: docker://rust:1.60.0-bullseye
name: Cargo Format Check
permissions:
contents: read
runs-on: ubuntu-latest
steps:
-
name: Check Out
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
-
name: Cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with:
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
-
name: Add OS Dependency
run: make add-os-dependency
shell: bash
-
name: Format Check
run: make fmt-check
shell: bash
timeout-minutes: 30
scan:
name: Scan
needs:
- clippy
- fmt-check
permissions:
contents: read
security-events: write
runs-on: ubuntu-latest
steps:
-
name: Check Out
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
-
name: Cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with:
key: ${{ runner.os }}-shiftleft-security-scan
path: |
${{ github.workspace }}/vdb
-
env:
ENABLE_OSS_RISK: false
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SCAN_ANNOTATE_PR: true
SCAN_AUTO_BUILD: false
SCAN_DEBUG_MODE: debug
VDB_HOME: ${{ github.workspace }}/vdb
WORKSPACE: ""
name: ShiftLeft Security Scan
uses: ShiftLeftSecurity/scan-action@54980bbdae434b8e7903cfcffa98a2601c207962
-
name: Upload Sarif
uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5
with:
category: ShiftLeft Security Scan
sarif_file: reports
wait-for-processing: true
timeout-minutes: 30
test:
container:
image: docker://rust:1.60.0-bullseye
name: Cargo Test
needs:
- clippy
- fmt-check
permissions:
contents: read
runs-on: ubuntu-latest
steps:
-
name: Check Out
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
-
name: Cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed
with:
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
-
name: Add OS Dependency
run: make add-os-dependency
shell: bash
-
env:
PACKAGE: ${{ matrix.package }}
# TARGET: ${{ matrix.target }}
name: Test
run: make test
shell: bash
strategy:
matrix:
package:
- fip_api
- fip_at
- fip_jwks
- fip_rt
- fip_user
timeout-minutes: 30
name: Pull Request Main
on:
pull_request:
branches:
- main
types:
- opened
- reopened
- synchronize