Skip to content

update few minor dependencies to resolve CVEs (#15464) #39

update few minor dependencies to resolve CVEs (#15464)

update few minor dependencies to resolve CVEs (#15464) #39

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: "Unit & Integration tests CI"
on:
push:
paths-ignore:
- '**/*.md'
- 'dev/**'
- 'docs/**'
- 'examples/**/jupyter-notebooks/**'
- 'helm/**'
- 'web-console/**'
- 'website/**'
branches:
- master
- '[0-9]+.[0-9]+.[0-9]+' # release branches
- '[0-9]+.[0-9]+.[0-9]+-[A-Za-z0-9]+' # release branches
pull_request:
paths-ignore:
- '**/*.md'
- 'dev/**'
- 'docs/**'
- 'examples/**/jupyter-notebooks/**'
- 'helm/**'
- 'web-console/**'
- 'website/**'
branches:
- master
- '[0-9]+.[0-9]+.[0-9]+' # release branches
- '[0-9]+.[0-9]+.[0-9]+-[A-Za-z0-9]+' # release branches
concurrency:
group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.run_id }}' # group workflows only on pull_requests and not on branch commits
cancel-in-progress: true
env:
MYSQL_DRIVER_CLASSNAME: com.mysql.jdbc.Driver # Used to set druid config in docker image for revised ITs
SEGMENT_DOWNLOAD_TIMEOUT_MINS: 5
jobs:
build:
name: "build (jdk${{ matrix.jdk }})"
strategy:
fail-fast: false
matrix:
jdk: [ '8', '11', '17', '21' ]
runs-on: ubuntu-latest
steps:
- name: Checkout branch
uses: actions/checkout@v3
# skip the "cache: maven" step from setup-java. We explicitly use a
# different cache key since we cannot reuse it across commits.
- uses: actions/setup-java@v3
with:
distribution: 'zulu'
java-version: ${{ matrix.jdk }}
# the build step produces SNAPSHOT artifacts into the local maven repository,
# we include github.sha in the cache key to make it specific to that build/jdk
- name: Cache Maven m2 repository
id: maven
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: maven-${{ runner.os }}-${{ matrix.jdk }}-${{ github.sha }}
restore-keys: setup-java-Linux-maven-${{ hashFiles('**/pom.xml') }}
- name: Cache targets
id: target
uses: actions/cache@v3
with:
path: |
./**/target
key: maven-${{ runner.os }}-${{ matrix.jdk }}-targets-${{ github.sha }}
- name: Cache image
id: docker_container
uses: actions/cache@v3
with:
key: druid-container-jdk${{ matrix.jdk }}.tar.gz-${{ github.sha }}
path: |
./druid-container-jdk${{ matrix.jdk }}.tar.gz
./integration-tests-ex/image/target/env.sh
- name: Maven build
id: maven_build
run: |
./it.sh ci
- name: Container build
run: |
./it.sh image
source ./integration-tests-ex/image/target/env.sh
docker tag $DRUID_IT_IMAGE_NAME $DRUID_IT_IMAGE_NAME-jdk${{ matrix.jdk }}
- name: Save docker container to archive
run: |
source ./integration-tests-ex/image/target/env.sh
echo $DRUID_IT_IMAGE_NAME
docker save "$DRUID_IT_IMAGE_NAME" | gzip > druid-container-jdk${{ matrix.jdk }}.tar.gz
unit-tests-phase2:
strategy:
fail-fast: false
matrix:
jdk: [ 11, 17, 21 ]
name: "unit tests (jdk${{ matrix.jdk }}, sql-compat=true)"
uses: ./.github/workflows/unit-tests.yml
needs: unit-tests
if: ${{ always() && (needs.unit-tests.result == 'success' || needs.unit-tests.outputs.continue_tests) }}
with:
jdk: ${{ matrix.jdk }}
sql_compatibility: true
unit-tests:
strategy:
fail-fast: false
matrix:
sql_compatibility: [ false, true ]
name: "unit tests (jdk8, sql-compat=${{ matrix.sql_compatibility }})"
uses: ./.github/workflows/unit-tests.yml
needs: build
with:
jdk: 8
sql_compatibility: ${{ matrix.sql_compatibility }}
standard-its:
needs: unit-tests
if: ${{ always() && (needs.unit-tests.result == 'success' || needs.unit-tests.outputs.continue_tests) }}
uses: ./.github/workflows/standard-its.yml
revised-its:
needs: unit-tests
if: ${{ always() && (needs.unit-tests.result == 'success' || needs.unit-tests.outputs.continue_tests) }}
uses: ./.github/workflows/revised-its.yml