Skip to content

👷 [maykinmedia/objects-api#463] Add trivy image scan #1057

👷 [maykinmedia/objects-api#463] Add trivy image scan

👷 [maykinmedia/objects-api#463] Add trivy image scan #1057

Workflow file for this run

name: ci
on:
push:
branches:
- master
tags:
- '**'
pull_request:
workflow_dispatch:
env:
IMAGE_NAME: maykinmedia/objects-api
jobs:
tests:
name: Run the Django test suite
runs-on: ubuntu-latest
services:
postgres:
image: postgis/postgis:12-2.5
env:
POSTGRES_HOST_AUTH_METHOD: trust
ports:
- 5432:5432
# needed because the postgres container does not provide a healthcheck
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
steps:
- uses: actions/checkout@v4
- name: Set up backend environment
uses: maykinmedia/[email protected]
with:
apt-packages: 'libgdal-dev gdal-bin'
python-version: '3.11'
setup-node: true
- name: Run tests
run: |
python src/manage.py collectstatic --noinput --link
coverage run src/manage.py test src
env:
DJANGO_SETTINGS_MODULE: objects.conf.ci
SECRET_KEY: dummy
DB_USER: postgres
DB_PASSWORD: ''
- name: Publish coverage report
uses: codecov/codecov-action@v4
docs:
runs-on: ubuntu-latest
name: Documentation build
steps:
- uses: actions/checkout@v4
- name: Set up backend environment
uses: maykinmedia/[email protected]
with:
apt-packages: 'libgdal-dev gdal-bin'
python-version: '3.11'
setup-node: false
- name: Generate environment variable documentation using OAf and check if it was updated
run: |
bin/generate_envvar_docs.sh
changes=$(git diff docs/installation/config.rst)
if [ ! -z "$changes" ]; then
echo $changes
echo "Please update the environment documentation by running \`bin/generate_envvar_docs.sh\`"
exit 1
fi
env:
DJANGO_SETTINGS_MODULE: objects.conf.ci
store-reusable-workflow-vars:
name: create values which can be passed through a reusable workflow
runs-on: ubuntu-latest
outputs:
image-name: ${{ steps.image-name.outputs.image-name }}
steps:
- run: echo "image-name=$IMAGE_NAME" >> $GITHUB_OUTPUT
name: 'Store the docker image name'
id: image-name
open-api-ci:
uses: maykinmedia/open-api-workflows/.github/workflows/[email protected]
needs:
- store-reusable-workflow-vars
with:
main-branch: 'master'
run-docs: true
django-settings-module: objects.conf.ci
python-version: '3.11'
docker-image-name: ${{ needs.store-reusable-workflow-vars.outputs.image-name }}
open-api-publish:
uses: maykinmedia/open-api-workflows/.github/workflows/[email protected]
needs:
- store-reusable-workflow-vars
- open-api-ci
- tests
with:
docker-image-name: ${{ needs.store-reusable-workflow-vars.outputs.image-name }}
repository-owner: 'maykinmedia'
secrets:
docker-username: ${{ secrets.DOCKER_USERNAME }}
docker-token: ${{ secrets.DOCKER_TOKEN }}