deps: update dependency org.metaeffekt.core:ae-security to v0.128.0 #14776
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Test | |
on: | |
pull_request: | |
branches: | |
- main | |
push: | |
branches: | |
- main | |
env: | |
GRADLE_OPTS: -Dorg.gradle.daemon=false -Dkotest.assertions.multi-line-diff=unified -Dkotest.tags=!ExpensiveTag | |
REGISTRY: ghcr.io | |
TEST_IMAGE_TAG: ort:test | |
jobs: | |
build: | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4 | |
- name: Build all classes | |
run: ./gradlew classes | |
codeql-analysis: | |
needs: build | |
runs-on: ubuntu-24.04 | |
permissions: | |
# Needed for SARIF scanning upload. | |
security-events: write | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3 | |
with: | |
languages: java | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4 | |
- name: Build all classes | |
run: ./gradlew -Dorg.gradle.jvmargs=-Xmx1g --no-build-cache classes | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3 | |
test: | |
needs: build | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4 | |
- name: Run unit tests | |
run: ./gradlew --scan test jacocoTestReport | |
- name: Create Test Summary | |
uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # v2 | |
with: | |
paths: "**/test-results/**/TEST-*.xml" | |
if: always() | |
- name: Upload code coverage data | |
uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
flags: test | |
funTest-non-docker: | |
needs: build | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
submodules: recursive | |
- name: Set tool version environment variables | |
run: sed "s/^ARG //" docker/versions.dockerfile >> $GITHUB_ENV | |
- name: Install required tools | |
run: | | |
# Uninstall mono-devel because it contains the "lc" command which conflicts with BoyterLc. | |
sudo apt-get -qq remove mono-devel | |
# Install git-repo. | |
mkdir -p $HOME/.local/bin | |
curl https://storage.googleapis.com/git-repo-downloads/repo -o $HOME/.local/bin/repo | |
chmod a+x $HOME/.local/bin/repo | |
# Install Askalono for functional tests. | |
curl -LOs https://github.com/amzn/askalono/releases/download/$ASKALONO_VERSION/askalono-Linux.zip | |
unzip askalono-Linux.zip -d $HOME/.local/bin | |
# Install Boyter Lc for functional tests. | |
curl -LOs https://github.com/boyter/lc/releases/download/v$BOYTERLC_VERSION/lc-$BOYTERLC_VERSION-x86_64-unknown-linux.zip | |
unzip lc-$BOYTERLC_VERSION-x86_64-unknown-linux.zip -d $HOME/.local/bin | |
# Install Licensee for functional tests. | |
echo "gem: --bindir $HOME/.local/bin" > $HOME/.gemrc | |
gem install --user-install licensee -v $LICENSEE_VERSION | |
# Install ScanCode for license texts. | |
curl -Os https://raw.githubusercontent.com/nexB/scancode-toolkit/v$SCANCODE_VERSION/requirements.txt | |
pipx install --pip-args="--no-cache-dir --constraint requirements.txt" scancode-toolkit==$SCANCODE_VERSION | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4 | |
- name: Run functional tests that do not require external tools | |
run: ./gradlew --scan -Ptests.exclude=org.ossreviewtoolkit.plugins.packagemanagers.* funTest jacocoFunTestReport | |
- name: Create Test Summary | |
uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # v2 | |
with: | |
paths: "**/test-results/**/TEST-*.xml" | |
if: always() | |
- name: Upload code coverage data | |
uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
flags: funTest-non-docker | |
funTest-docker: | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
submodules: recursive | |
- name: Free Disk Space | |
uses: ./.github/actions/free-disk-space | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3 | |
- name: Build ORT Docker Image | |
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6 | |
with: | |
context: . | |
load: true | |
tags: ${{ env.TEST_IMAGE_TAG }} | |
target: all-tools | |
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ github.repository_owner }}/ort:cache | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4 | |
- name: Run functional tests that do require external tools | |
run: | | |
# Run the functional tests in the Docker container. | |
docker run \ | |
-u $(id -u):$(id -g) \ | |
-v /etc/group:/etc/group:ro \ | |
-v /etc/passwd:/etc/passwd:ro \ | |
-v /home/runner:/home/runner \ | |
-v ${{ github.workspace }}:/workspace \ | |
-w /workspace \ | |
-e HOME=/home/runner \ | |
-e GRADLE_OPTS="$GRADLE_OPTS" \ | |
${{ env.TEST_IMAGE_TAG }} \ | |
-c "./gradlew --scan -Ptests.include=org.ossreviewtoolkit.plugins.packagemanagers.* funTest jacocoFunTestReport" | |
- name: Create Test Summary | |
uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # v2 | |
with: | |
paths: "**/test-results/**/TEST-*.xml" | |
if: always() | |
- name: Upload code coverage data | |
uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
flags: funTest-docker |