ci(megalinter): re-enable trivy #2212
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# Test built docker images by building simple projects inside them | |
name: pytest | |
on: | |
pull_request: | |
pull_request_review: | |
types: ['submitted'] | |
merge_group: | |
push: | |
branches: ['main'] | |
tags: ['v*'] | |
permissions: | |
contents: read | |
jobs: | |
# Status check for all jobs below | |
# This is to allow SKIPPED be considered as SUCCESS | |
status-check-pytest: | |
runs-on: ubuntu-latest | |
if: always() | |
needs: | |
- pytest | |
steps: | |
- name: Check status | |
uses: re-actors/alls-green@release/v1 | |
with: | |
allowed-skips: ${{ toJSON(needs) }} | |
jobs: ${{ toJSON(needs) }} | |
# Check we jobs should be ran or skipped | |
skip-check: | |
runs-on: ubuntu-latest | |
# Required permissions | |
permissions: | |
pull-requests: read | |
outputs: | |
changes: ${{ steps.filter.outputs.changes }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: dorny/paths-filter@v3 | |
id: filter | |
with: | |
filters: | | |
changes: | |
- '.dagger-ci/**' | |
- '.github/workflows/pytest.yml' | |
pytest: | |
runs-on: ubuntu-latest | |
needs: skip-check | |
if: ${{ ! (github.event_name == 'pull_request_review' && github.actor != 'github-actions[bot]') && needs.skip-check.outputs.changes == 'true' }} | |
# Skip if pull_request_review on PR not made by a bot | |
steps: | |
- name: Install Taskfile | |
uses: arduino/setup-task@v2 | |
- name: Setup python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.x' | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install deps | |
run: | | |
curl -SL "$( curl -s https://api.github.com/repos/docker/compose/releases/latest | grep 'browser_download_url' | grep "docker-compose-linux-$(uname -m)" | grep -v '.sha256' | sed -E 's/.*https/https/g' | sed -E 's/\"//g' )" -o docker-compose | |
sudo mv docker-compose /usr/local/bin/docker-compose | |
sudo chmod +x /usr/local/bin/docker-compose | |
docker-compose --version | |
docker-compose -f docker/compose.yaml config | |
- name: Install python dependencies | |
run: pip install -r ./.dagger-ci/daggerci/requirements.txt | |
- name: Run pytest | |
run: | | |
cd .dagger-ci | |
task test |