[stable30] fix(security): Update CA certificate bundle #11302
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors | |
# SPDX-License-Identifier: MIT | |
name: Object storage S3 | |
on: | |
pull_request: | |
schedule: | |
- cron: "15 2 * * *" | |
concurrency: | |
group: object-storage-s3-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
changes: | |
runs-on: ubuntu-latest-low | |
outputs: | |
src: ${{ steps.changes.outputs.src}} | |
steps: | |
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
id: changes | |
continue-on-error: true | |
with: | |
filters: | | |
src: | |
- '.github/workflows/**' | |
- '3rdparty/**' | |
- '**/appinfo/**' | |
- '**/lib/**' | |
- '**/templates/**' | |
- '**/tests/**' | |
- 'vendor/**' | |
- 'vendor-bin/**' | |
- '.php-cs-fixer.dist.php' | |
- 'composer.json' | |
- 'composer.lock' | |
- '**.php' | |
s3-primary-tests-minio: | |
runs-on: ubuntu-latest | |
needs: changes | |
if: ${{ github.repository_owner != 'nextcloud-gmbh' && needs.changes.outputs.src != 'false' }} | |
strategy: | |
matrix: | |
php-versions: ['8.1', '8.2'] | |
include: | |
- php-versions: '8.3' | |
coverage: true | |
name: php${{ matrix.php-versions }}-s3 | |
services: | |
cache: | |
image: ghcr.io/nextcloud/continuous-integration-redis:latest | |
ports: | |
- 6379:6379/tcp | |
options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3 | |
minio: | |
image: bitnami/minio | |
env: | |
MINIO_ROOT_USER: nextcloud | |
MINIO_ROOT_PASSWORD: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ= | |
MINIO_DEFAULT_BUCKETS: nextcloud | |
ports: | |
- "9000:9000" | |
steps: | |
- name: Checkout server | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 | |
with: | |
submodules: true | |
- name: Set up php ${{ matrix.php-versions }} | |
uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1 | |
with: | |
php-version: ${{ matrix.php-versions }} | |
# https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation | |
extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite | |
coverage: ${{ matrix.coverage && 'xdebug' || 'none' }} | |
ini-file: development | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up Nextcloud | |
env: | |
OBJECT_STORE: s3 | |
OBJECT_STORE_KEY: nextcloud | |
OBJECT_STORE_SECRET: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ= | |
run: | | |
composer install | |
cp tests/redis.config.php config/ | |
cp tests/preseed-config.php config/config.php | |
./occ maintenance:install --verbose --database=sqlite --database-name=nextcloud --database-host=127.0.0.1 --database-user=root --database-pass=rootpassword --admin-user admin --admin-pass password | |
php -f tests/enable_all.php | grep -i -C9999 error && echo "Error during app setup" && exit 1 || exit 0 | |
- name: Wait for S3 | |
run: | | |
sleep 10 | |
curl -f -m 1 --retry-connrefused --retry 10 --retry-delay 10 http://localhost:9000/minio/health/ready | |
- name: PHPUnit | |
env: | |
OBJECT_STORE: s3 | |
OBJECT_STORE_KEY: nextcloud | |
OBJECT_STORE_SECRET: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ= | |
run: composer run test -- --group PRIMARY-s3 ${{ matrix.coverage && ' --coverage-clover ./clover.xml' || '' }} | |
- name: Upload code coverage | |
if: ${{ !cancelled() && matrix.coverage }} | |
uses: codecov/[email protected] | |
with: | |
files: ./clover.xml | |
flags: phpunit-s3 | |
- name: S3 logs | |
if: always() | |
run: | | |
docker ps -a | |
docker ps -aq | while read container ; do IMAGE=$(docker inspect --format='{{.Config.Image}}' $container); echo $IMAGE; docker logs $container; echo "\n\n" ; done | |
s3-primary-summary: | |
runs-on: ubuntu-latest-low | |
needs: [changes,s3-primary-tests-minio] | |
if: always() | |
steps: | |
- name: Summary status | |
run: if ${{ needs.changes.outputs.src != 'false' && needs.s3-primary-tests-minio.result != 'success' }}; then exit 1; fi |