Skip to content

Bump jose to address CVE (#4549) #111

Bump jose to address CVE (#4549)

Bump jose to address CVE (#4549) #111

Workflow file for this run

name: CD
on:
push:
tags:
- '*'
env:
GRADLE_OPTS: -Dhttp.keepAlive=false
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Set up JDK 14
uses: actions/setup-java@v1
with:
java-version: 14.0.x
- name: Checkout security
uses: actions/checkout@v2
- name: Cache Gradle packages
uses: actions/cache@v2
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: Build
run: |
./gradlew clean build -Dbuild.snapshot=false -x test
artifact_zip=`ls $(pwd)/build/distributions/opensearch-security-*.zip | grep -v admin-standalone`
./gradlew build buildDeb buildRpm -ParchivePath=$artifact_zip -Dbuild.snapshot=false -x test
mkdir artifacts
cp $artifact_zip artifacts/
cp build/distributions/*.deb artifacts/
cp build/distributions/*.rpm artifacts/
zip -r artifacts.zip artifacts
echo "TAG_VERSION=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
- name: Create Github Draft Release
id: create_release
uses: actions/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: Release ${{ env.TAG_VERSION }}
draft: true
prerelease: false
- name: Upload Release Asset
id: upload-release-asset
uses: actions/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_name: artifacts.zip
asset_path: artifacts.zip
asset_content_type: application/zip
- name: Upload Workflow Artifacts
uses: actions/upload-artifact@v1
with:
name: artifacts
path: artifacts/