Skip to content

Add trivyignore file to ignore false positive CVEs in security scan #4753

Add trivyignore file to ignore false positive CVEs in security scan

Add trivyignore file to ignore false positive CVEs in security scan #4753

Workflow file for this run

name: Test
on:
pull_request:
branches:
- develop
- dev-[0-9]+.[0-9]+.[0-9]+
push:
branches:
- develop
tags:
- v*
workflow_dispatch:
env:
AERIE_USERNAME: "${{secrets.AERIE_USERNAME}}"
AERIE_PASSWORD: "${{secrets.AERIE_PASSWORD}}"
HASURA_GRAPHQL_ADMIN_SECRET: "${{secrets.HASURA_GRAPHQL_ADMIN_SECRET}}"
HASURA_GRAPHQL_JWT_SECRET: "${{secrets.HASURA_GRAPHQL_JWT_SECRET}}"
POSTGRES_USER: "${{secrets.POSTGRES_USER}}"
POSTGRES_PASSWORD: "${{secrets.POSTGRES_PASSWORD}}"
GATEWAY_USERNAME: "${{secrets.GATEWAY_USERNAME}}"
GATEWAY_PASSWORD: "${{secrets.GATEWAY_PASSWORD}}"
MERLIN_USERNAME: "${{secrets.MERLIN_USERNAME}}"
MERLIN_PASSWORD: "${{secrets.MERLIN_PASSWORD}}"
SCHEDULER_USERNAME: "${{secrets.SCHEDULER_USERNAME}}"
SCHEDULER_PASSWORD: "${{secrets.SCHEDULER_PASSWORD}}"
SEQUENCING_USERNAME: "${{secrets.SEQUENCING_USERNAME}}"
SEQUENCING_PASSWORD: "${{secrets.SEQUENCING_PASSWORD}}"
jobs:
unit-test:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: "temurin"
java-version: "21"
- name: Validate Gradle Wrapper
uses: gradle/wrapper-validation-action@v2
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
- name: Assemble
run: ./gradlew assemble --parallel
- name: Run Unit Tests
run: ./gradlew test --parallel
- name: Upload Test Results as XML and HTML
if: always()
uses: actions/upload-artifact@v4
with:
name: Unit Test Results
path: |
**/build/test-results/test
**/build/reports/tests/test
e2e-test:
runs-on: ubuntu-latest
environment: e2e-test
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: "temurin"
java-version: "21"
- name: Setup Postgres Client (psql)
run: |
sudo apt-get update
sudo apt-get install --yes postgresql-client
- name: Validate Gradle Wrapper
uses: gradle/wrapper-validation-action@v2
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
- name: Assemble
run: ./gradlew assemble --parallel
- name: Start Services
run: |
docker compose -f ./e2e-tests/docker-compose-test.yml up -d --build
docker images
docker ps -a
- name: Sleep for 30 Seconds
run: sleep 30s
shell: bash
- name: Run E2E Tests
run: ./gradlew e2eTest
- name: Upload E2E Test Results
if: always()
uses: actions/upload-artifact@v4
with:
name: E2E Test Results
path: |
**/e2e-tests/build/reports/tests/e2eTest
**/db-tests/build/reports/tests/e2eTest
**/sequencing-server/test-report.*
- name: Print Logs for Services
if: always()
run: docker compose -f ./e2e-tests/docker-compose-test.yml logs -t
- name: Stop Services
if: always()
run: |
docker ps -a
docker compose -f ./e2e-tests/docker-compose-test.yml down
docker ps -a
- name: Prune Volumes
if: always()
run: docker volume prune --force