Skip to content

Audit

Audit #1348

Workflow file for this run

name: Audit
on:
schedule:
- cron: '30 2 * * *'
env:
POETRY_DYNAMIC_VERSIONING_BYPASS: 0.0.0
jobs:
audit:
name: Audit
runs-on: ubuntu-22.04
timeout-minutes: 10
strategy:
fail-fast: false
matrix:
branch:
- '1.1'
- '1.2'
- '1.3'
- '1.4'
- '1.5'
- '1.6'
steps:
- uses: actions/checkout@v4
with:
ref: ${{ matrix.branch }}
token: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
- uses: camptocamp/initialise-gopass-summon-action@v2
with:
ci-gpg-private-key: ${{secrets.CI_GPG_PRIVATE_KEY}}
github-gopass-ci-token: ${{secrets.GOPASS_CI_GITHUB_TOKEN}}
- run: python3 -m venv ~/.venv
- run: ~/.venv/bin/pip install --pre c2cciutils[audit]
- run: python3 -m pip install --pre c2cciutils[audit]
- name: Check .tool-versions file existence
id: tool-versions
uses: andstor/file-existence-action@v3
with:
files: .tool-versions
- uses: asdf-vm/actions/install@v3
if: steps.tool-versions.outputs.files_exists == 'true'
- run: cat /tmp/python-build.*.log
if: failure()
- run: python --version
- name: Snyk audit
run: ~/.venv/bin/c2cciutils-audit --branch=${{ matrix.branch }}
env:
GITHUB_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
- name: Check ci/dpkg-versions.yaml file existence
id: dpkg-versions
uses: andstor/file-existence-action@v3
with:
files: ci/dpkg-versions.yaml
- name: Update dpkg packages versions
run: ~/.venv/bin/c2cciutils-docker-versions-update --branch=${{ matrix.branch }}
env:
GITHUB_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
if: steps.dpkg-versions.outputs.files_exists == 'true'