Skip to content

loosen rbac for get cert - avoid checking every DNS in SAN #600

loosen rbac for get cert - avoid checking every DNS in SAN

loosen rbac for get cert - avoid checking every DNS in SAN #600

Workflow file for this run

on: pull_request
# Explicitly grant the `secrets.GITHUB_TOKEN` no permissions.
permissions: {}
jobs:
pre-commit:
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v1
- name: Setup python 3.10
uses: actions/setup-python@v1
with:
python-version: 3.10.15
- name: Install pre-commit
run: pip install pre-commit
- name: Run pre-commit
run: pre-commit run --all-files
## Uncomment once license tests are in and passing
#license-check:
# runs-on: ubuntu-22.04
# steps:
# - name: Checkout
# uses: actions/checkout@v1
# - name: Setup Ruby 2.x
# uses: actions/setup-ruby@v1
# with:
# ruby-version: 2.x
# - name: Install license finder
# run: gem install license_finder
# - name: Setup python 3.6
# uses: actions/setup-python@v1
# with:
# python-version: 3.6
# - name: Install apt dependencies
# run: sudo apt-get install -y python3-dev openssl libssl-dev gcc pkg-config libffi-dev libxml2-dev libxmlsec1-dev
# - name: Install dependencies
# run: pip install -r piptools_requirements.txt && pip install -r requirements.txt
# - name: Run license finder
# run: license_finder
test-unit:
runs-on: ubuntu-22.04
strategy:
matrix:
python-version: ['3.10.x']
steps:
- name: Checkout
uses: actions/checkout@v1
- name: Setup python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python-version }}
- name: Install apt dependencies
run: sudo apt-get update && sudo apt-get install -y python3-dev openssl libssl-dev gcc pkg-config libffi-dev libxml2-dev libxmlsec1-dev
- name: Install dependencies
run: pip install -r piptools_requirements.txt && pip install -r requirements.txt
- name: Run python unit tests
run: make test_unit
test-integration:
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v1
- name: Run python integration tests
run: "make actions_test_integration"
test-frontend:
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v1
- uses: actions/setup-node@v1
with:
node-version: '20.x'
- name: Run frontend tests
run: "npm install grunt-cli && npm install && grunt test"
build-dist-docker-image:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v2
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v4
with:
images: ghcr.io/${{ github.repository }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build
uses: docker/build-push-action@v3
with:
file: Dockerfile
push: false # only build the image, don't push it anywhere
context: .
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}