Skip to content

fix(deps): update dependency werkzeug to v2.3.8 [security] #10055

fix(deps): update dependency werkzeug to v2.3.8 [security]

fix(deps): update dependency werkzeug to v2.3.8 [security] #10055

Workflow file for this run

on:
push:
name: Python tests
jobs:
test:
runs-on: ubuntu-latest
services:
postgres:
image: postgres:11.20-bullseye@sha256:4e4b23580ada59c9ec5a712bdff9f91b0e6a7898d9ea954306b953c426727cef
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: test_notification_api
ports:
- 5432:5432
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
steps:
- name: Install libcurl
run: sudo apt-get update && sudo apt-get install libssl-dev libcurl4-openssl-dev
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set up Python 3.10
uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1
with:
python-version: '3.10'
- name: Upgrade pip
run: python -m pip install --upgrade pip
- uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }}
restore-keys: |
${{ runner.os }}-pip-
- name: Install poetry
env:
POETRY_VERSION: "1.3.2"
run: pip install poetry==${POETRY_VERSION} && poetry --version
- name: Check poetry.lock aligns with pyproject.toml
run: poetry lock --check
- name: Install requirements
run: poetry install --with test
- name: Run tests
run: poetry run make test
- name: Upload pytest logs on failure
if: ${{ failure() }}
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: pytest-logs
path: |
pytest*.log
- name: Get python version
run: |
python_version=$(python -V | cut -d' ' -f2)
echo "python_version=${python_version}" >> $GITHUB_ENV
- name: Make version file
run: |
printf '__commit_sha__ = "09cfe03100443fb9071bba88d5c8775ff54a9ebc"\n__time__ = "2022-07-25:15:11:05"\n' > version.py
cp version.py "${{ github.workspace }}/app/"
- name: Copy site-packages in workspace
working-directory: ${{ github.workspace }}
shell: bash
run: |
mkdir -p "${{ github.workspace }}/env/" && cp -fR $(poetry env list | poetry env info -p)/lib/python3.10/site-packages "${{ github.workspace }}/env/"
- name: Install development .env file
working-directory: ${{ github.workspace }}
shell: bash
run: |
cp -f .env.example .env
- name: Checks for new endpoints against AWS WAF rules
uses: cds-snc/notification-utils/.github/actions/waffles@b50a26d4a2c1844369640aa9de399d0b02e896b5 # 52.0.12
with:
app-loc: '/github/workspace'
app-libs: '/github/workspace/env/site-packages'
flask-mod: 'application'
flask-prop: 'application'
base-url: 'https://api.staging.notification.cdssandbox.xyz'
- name: Notify Slack channel if this job fails
if: ${{ failure() && github.ref == 'refs/heads/main' }}
run: |
json="{'text':'Scheduled CI testing failed: <https://github.com/cds-snc/notification-api/actions/runs/${GITHUB_RUN_ID}|GitHub actions>'}"
curl -X POST -H 'Content-type: application/json' --data "$json" ${{ secrets.SLACK_WEBHOOK }}