Skip to content
Build and Test

chore(deps): Bump setuptools from 75.3.0 to 75.5.0 #403

Sign in to view logs

chore(deps): Bump setuptools from 75.3.0 to 75.5.0

chore(deps): Bump setuptools from 75.3.0 to 75.5.0 #403

Workflow file for this run

.github/workflows/test.yaml at 8e026b3
name: Build and Test
on:
push:
branches:
- master
pull_request:
branches:
- master
paths:
- "**/Dockerfile"
- "poetry.lock"
- "pyproject.toml"
- "requirements.txt"
- ".github/workflows/test.yaml"
env:
DOCKER_USERNAME: tiryoh
DOCKER_IMAGENAME: mkdocs-builder
jobs:
build:
strategy:
matrix:
target: [alpine, debian]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Build docker image
env:
DOCKER_LABEL: ${{ matrix.target }}
run: |
docker build -t $DOCKER_USERNAME/$DOCKER_IMAGENAME:$DOCKER_LABEL -f $DOCKER_LABEL/Dockerfile .
- name: Checkout mkdocs
uses: actions/checkout@v4
with:
repository: squidfunk/mkdocs-material
path: mkdocs-material
- name: Test building mkdocs
env:
DOCKER_LABEL: ${{ matrix.target }}
run: |
docker run --rm -v $PWD/mkdocs-material:/docs $DOCKER_USERNAME/$DOCKER_IMAGENAME:$DOCKER_LABEL build
- name: List docker images
run: |
mkdir -p build_log
docker image ls "$DOCKER_USERNAME/*" | tee ./build_log/docker_images.txt
- uses: actions/upload-artifact@v3
with:
name: build-log-${{ matrix.target }}
path: build_log
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: '${{ env.DOCKER_USERNAME }}/${{ env.DOCKER_IMAGENAME }}:${{ matrix.target }}'
exit-code: '0'
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'trivy-results.sarif'
env:
TRIVY_SKIP_DB_UPDATE: true
TRIVY_SKIP_JAVA_DB_UPDATE: true
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'
wait-for-processing: true