Bump cryptography from 42.0.4 to 43.0.1 #18948
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Integration | |
on: | |
push: | |
branches: ["main"] | |
paths-ignore: | |
- maintenance/**/*.* | |
pull_request: | |
paths-ignore: | |
- maintenance/**/*.* | |
jobs: | |
test_node: | |
name: Node CI | |
runs-on: ubuntu-20.04 | |
env: | |
ALLOWED_HOSTS: localhost,mozfest.localhost,default-site.com,secondary-site.com | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
PULSE_API_DOMAIN: https://network-pulse-api-production.herokuapp.com | |
PULSE_DOMAIN: https://www.mozillapulse.org | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 20 | |
cache: "npm" | |
- name: Install Node Dependencies | |
run: npm ci | |
- name: Run linting | |
run: npm run lint | |
test_wagtail: | |
name: Wagtail CI | |
runs-on: ubuntu-20.04 | |
services: | |
postgres: | |
image: postgres:15 | |
env: | |
POSTGRES_USER: postgres | |
POSTGRES_PASSWORD: postgres | |
POSTGRES_DB: network | |
ports: | |
- 5432:5432 | |
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 | |
env: | |
ALLOWED_HOSTS: localhost,mozfest.localhost,default-site.com,secondary-site.com | |
BASKET_URL: https://basket-dev.allizom.org | |
CONTENT_TYPE_NO_SNIFF: True | |
CORS_ALLOWED_ORIGINS: "*" | |
COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }} | |
DATABASE_URL: postgres://postgres:postgres@localhost:5432/network | |
DEBUG: True | |
DJANGO_SECRET_KEY: secret | |
DOMAIN_REDIRECT_MIDDLEWARE_ENABLED: False | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
PIPENV_VERBOSITY: -1 | |
PULSE_API_DOMAIN: https://network-pulse-api-production.herokuapp.com | |
PULSE_DOMAIN: https://www.mozillapulse.org | |
RANDOM_SEED: 530910203 | |
SET_HSTS: False | |
SSL_REDIRECT: False | |
TARGET_DOMAINS: foundation.mozilla.org | |
USE_S3: False | |
X_FRAME_OPTIONS: DENY | |
XSS_PROTECTION: True | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: 3.11 | |
cache: "pip" | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 20 | |
- name: Install Python Dependencies | |
run: pip install -r requirements.txt -r dev-requirements.txt | |
- name: Install Node Dependencies | |
run: npm ci | |
- name: Install additional tooling | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y gettext | |
- name: Preroll | |
run: | | |
npm run build | |
python network-api/manage.py collectstatic --no-input --verbosity 0 | |
python network-api/manage.py check | |
python network-api/manage.py makemigrations --check --dry-run | |
python network-api/manage.py migrate --no-input | |
python network-api/manage.py block_inventory | |
python network-api/manage.py compilemessages | |
- name: Run linting | |
run: | | |
flake8 . | |
isort . --check-only | |
black . --check | |
djlint . --lint | |
# Skipping djlint format checking because it has consistency issues and issues with blocktrans. | |
# This should change when formatting is moved to a version using and AST. | |
# See also: https://github.com/Riverside-Healthcare/djLint/issues/493 | |
# djlint . --check | |
# | |
# Using djhtml indent check in the meantime. | |
djhtml -c maintenance/ network-api/ | |
- name: Run type checks | |
run: mypy network-api | |
- name: Run Tests | |
run: cd network-api && pytest -n auto -v --ds=networkapi.settings -cov=network-api/networkapi --cov-report=term-missing | |
test_integration: | |
name: Integration testing | |
runs-on: ubuntu-20.04 | |
services: | |
postgres: | |
image: postgres:15 | |
env: | |
POSTGRES_USER: postgres | |
POSTGRES_PASSWORD: postgres | |
POSTGRES_DB: network | |
ports: | |
- 5432:5432 | |
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 | |
env: | |
ALLOWED_HOSTS: 127.0.0.1,localhost,mozfest.localhost,default-site.com,secondary-site.com | |
BASKET_URL: https://basket-dev.allizom.org | |
CONTENT_TYPE_NO_SNIFF: True | |
CORS_ALLOWED_ORIGINS: "*" | |
DATABASE_URL: postgres://postgres:postgres@localhost:5432/network | |
DEBUG: True | |
DJANGO_SECRET_KEY: secret | |
DOMAIN_REDIRECT_MIDDLEWARE_ENABLED: False | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
PIPENV_VERBOSITY: -1 | |
PULSE_API_DOMAIN: https://network-pulse-api-production.herokuapp.com | |
PULSE_DOMAIN: https://www.mozillapulse.org | |
RANDOM_SEED: 530910203 | |
SET_HSTS: False | |
SSL_REDIRECT: False | |
TARGET_DOMAINS: foundation.mozilla.org | |
USE_S3: False | |
X_FRAME_OPTIONS: DENY | |
XSS_PROTECTION: True | |
CSP_CONNECT_SRC: "*" | |
CSP_FONT_SRC: "'self' https://code.cdn.mozilla.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ data: https://static.fundraiseup.com/common-fonts/" | |
CSP_IMG_SRC: "* data: blob: https://*.fundraiseup.com https://ucarecdn.com https://pay.google.com https://*.paypalobjects.com" | |
CSP_FRAME_SRC: "'self' https://www.google.com/recaptcha/ https://*.stripe.com https://pay.google.com https://*.paypal.com https://*.fundraiseup.com" | |
CSP_SCRIPT_SRC: "'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js http://*.shpg.org/ https://comments.mozillafoundation.org/ https://airtable.com https://platform.twitter.com https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/gsap.min.js https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ScrollTrigger.min.js https://*.googletagmanager.com https://*.fundraiseup.com https://mozillafoundation.tfaforms.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://*.stripe.com https://m.stripe.network https://*.paypal.com https://*.paypalobjects.com https://pay.google.com" | |
CSP_STYLE_SRC: "'self' 'unsafe-inline' https://code.cdn.mozilla.net https://platform.twitter.com https://mozillafoundation.tfaforms.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css" | |
SECURE_CROSS_ORIGIN_OPENER_POLICY: "same-origin-allow-popups" | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: 3.11 | |
cache: "pip" | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 20 | |
cache: "npm" | |
- name: Install Python Dependencies | |
run: pip install -r requirements.txt -r dev-requirements.txt | |
- name: Install Node Dependencies | |
run: npm ci | |
- name: Install additional tooling | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y gettext libgconf-2-4 | |
- name: Install Playwright | |
run: npm run playwright:install | |
- name: Preroll | |
run: | | |
npm run build | |
python network-api/manage.py collectstatic --no-input --verbosity 0 | |
python network-api/manage.py migrate --no-input | |
python network-api/manage.py block_inventory | |
python network-api/manage.py load_fake_data | |
- name: Integration Tests | |
run: npm run playwright:ci |