Skip to content

[Snyk] Security upgrade org.apache.tomcat.embed:tomcat-embed-core from 10.1.31 to 10.1.34 #36494

[Snyk] Security upgrade org.apache.tomcat.embed:tomcat-embed-core from 10.1.31 to 10.1.34

[Snyk] Security upgrade org.apache.tomcat.embed:tomcat-embed-core from 10.1.31 to 10.1.34 #36494

Workflow file for this run

name: Run api tests
env:
# This is to make sure Maven don't timeout fetching dependencies. See: https://github.com/actions/virtual-environments/issues/1499
MAVEN_OPTS: -Xmx1024m -Xms1024m -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=125
on:
push:
branches:
- master
pull_request:
concurrency:
group: ${{ github.workflow}}-${{ github.ref }}
cancel-in-progress: true
jobs:
api-test:
env:
# We only publish to Dockerhub on PRs from https://github.com/dhis2/dhis2-core. PRs from forks or dependabot cannot access secrets.
DOCKERHUB_PUSH: ${{ github.event_name == 'pull_request' && !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }}
CORE_IMAGE_NAME: "dhis2/core-pr:${{ github.event_name == 'pull_request' && github.event.number || 'local' }}"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: 17
distribution: temurin
cache: maven
- name: Login to Docker Hub
if: ${{ env.DOCKERHUB_PUSH == 'true' }}
uses: docker/login-action@v3
with:
username: ${{ secrets.DHIS2_BOT_DOCKER_HUB_USERNAME }}
password: ${{ secrets.DHIS2_BOT_DOCKER_HUB_PASSWORD }}
- name: Build container image
run: |
if [ "$DOCKERHUB_PUSH" = "true" ]; then
# build and publish multi-arch images using Jib. Image is used for api tests in
# this workflow and can be pulled from Dockerhub by devs to run locally, ...
mvn clean verify --threads 2C --batch-mode --no-transfer-progress \
-DskipTests -Dmdep.analyze.skip --update-snapshots --file dhis-2/pom.xml \
--projects dhis-web-server --also-make --activate-profiles jibBuild \
-Djib.to.image=$CORE_IMAGE_NAME -Djib.container.labels=DHIS2_BUILD_REVISION=${{github.event.pull_request.head.sha}},DHIS2_BUILD_BRANCH=${{github.head_ref}}
else
# only build image for running api tests in this workflow i.e. master, 2.39, ...
mvn clean verify --threads 2C --batch-mode --no-transfer-progress \
-DskipTests -Dmdep.analyze.skip --update-snapshots --file dhis-2/pom.xml \
--projects dhis-web-server --also-make --activate-profiles jibDockerBuild \
-Djib.to.image=$CORE_IMAGE_NAME
fi
- name: Run tests
run: |
cd dhis-2/dhis-test-e2e
DHIS2_IMAGE=$CORE_IMAGE_NAME docker compose -f docker-compose.yml -f docker-compose.e2e.yml up --remove-orphans --exit-code-from test
- name: Upload logs
if: failure()
run: |
cd dhis-2/dhis-test-e2e
docker compose logs web > ~/logs.txt
- uses: actions/upload-artifact@v4
if: failure()
with:
name: "tomcat_logs"
path: "~/logs.txt"
send-slack-message:
runs-on: ubuntu-latest
if: |
always() &&
contains(needs.*.result, 'failure') &&
github.ref == 'refs/heads/master'
needs: [api-test]
steps:
- uses: rtCamp/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_BACKEND_WEBHOOK }}
SLACK_CHANNEL: "team-backend"
SLACK_MESSAGE: "Latest e2e test run on master failed and needs investigation :detective-duck:. \n Commit message: ${{ github.event.head_commit.message }}"
SLACK_COLOR: "#ff0000"