Skip to content

#235 Fix vulnerability CVE-2023-42503 #402

#235 Fix vulnerability CVE-2023-42503

#235 Fix vulnerability CVE-2023-42503 #402

Workflow file for this run

name: CI Build
on:
push:
branches:
- main
pull_request:
jobs:
build:
strategy:
fail-fast: false
matrix:
# ATTENTION: When changing the versions in the matrix, make sure one of them is listed as default version below
# Only for the default version you will get a Sonar analysis!
docker_db_version: ["7.1.23", "8.22.0"]
env:
DEFAULT_DB_VERSION: "7.1.23"
runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.docker_db_version }}
cancel-in-progress: true
steps:
- name: Free Disk Space
run: |
sudo rm -rf /usr/local/lib/android
sudo rm -rf /usr/share/dotnet
- name: Checkout the repository
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up JDK 11 & 17
uses: actions/setup-java@v3
with:
distribution: "temurin"
java-version: |
17
11
cache: "maven"
- name: Cache SonarCloud packages
uses: actions/cache@v3
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Enable testcontainer reuse
run: echo 'testcontainers.reuse.enable=true' > "$HOME/.testcontainers.properties"
- name: Run tests and build with Maven
run: |
echo
echo "--------------------------------------------------------------"
echo " Running matrix test with docker_db_version ${{ matrix.docker_db_version }} "
echo "--------------------------------------------------------------"
echo
echo "Support information archives are written to $SUPPORT_DIR"
echo
mkdir -p "$SUPPORT_DIR"
JAVA_HOME=$JAVA_HOME_11_X64 mvn --batch-mode clean verify \
-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
-DtrimStackTrace=false \
-Dcom.exasol.dockerdb.image=${{ matrix.docker_db_version }} \
-Dcom.exasol.containers.support_information_target_dir="$SUPPORT_DIR" \
-Dcom.exasol.containers.monitored_exit=EXIT_ANY \
-Pslow
env:
SUPPORT_DIR: ${{ github.workspace }}/target/support
- name: Publish support package for ${{ matrix.docker_db_version }}
uses: actions/upload-artifact@v3
if: ${{ always() }}
with:
name: support-db-${{ matrix.docker_db_version }}-run-${{ github.run_id }}
path: target/support
- name: Publish Test Report
uses: scacap/action-surefire-report@v1
if: ${{ always() && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' }}
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Sonar analysis
if: ${{ env.SONAR_TOKEN != null && env.DEFAULT_DB_VERSION == matrix.docker_db_version }}
run: |
JAVA_HOME=$JAVA_HOME_17_X64 mvn --batch-mode org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
-DtrimStackTrace=false \
-Dsonar.organization=exasol \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.login=$SONAR_TOKEN
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}