Skip to content

Update dependency sentry-sdk to v2 [SECURITY] #1057

Update dependency sentry-sdk to v2 [SECURITY]

Update dependency sentry-sdk to v2 [SECURITY] #1057

Workflow file for this run

name: CI
on: [push]
jobs:
python-tests:
runs-on: ubuntu-latest
services:
# Label used to access the service container
db:
# Docker Hub image
image: postgres:15.7
# Set health checks to wait until postgres has started
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres # pragma: allowlist secret
POSTGRES_DB: postgres
ports:
- 5432:5432
redis:
image: redis:3.2.12@sha256:7b0a40301bc1567205e6461c5bf94c38e1e1ad0169709e49132cafc47f6b51f3
ports:
- 6379:6379
steps:
- uses: actions/checkout@v2
- name: Apt install
run: cat Aptfile | sudo xargs apt-get install
- name: Install poetry
uses: snok/install-poetry@v1
with:
version: 1.5.1
virtualenvs-create: true
virtualenvs-in-project: true
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.9.19"
cache: poetry
- name: Install dependencies
run: poetry install --no-interaction
- name: Code formatting
run: poetry run black --check .
- name: Lint
run: poetry run pylint ./**/*.py
- name: Tests
run: |
export MEDIA_ROOT="$(mktemp -d)"
./scripts/test/python_tests.sh
env:
DEBUG: 'False'
NODE_ENV: 'production'
DATABASE_URL: postgres://postgres:postgres@localhost:5432/postgres # pragma: allowlist secret
ODL_VIDEO_SECURE_SSL_REDIRECT: 'False'
ODL_VIDEO_DB_DISABLE_SSL: 'True'
CELERY_TASK_ALWAYS_EAGER: 'True'
REDIS_URL: redis://localhost:6379/4
XDG_CACHE_HOME: /src/.cache
SECRET_KEY: actions_secret
AWS_ACCESS_KEY_ID: fakeawskey
AWS_SECRET_ACCESS_KEY: fakeawssecret
AWS_REGION: us-east-1
CLOUDFRONT_KEY_ID: cfkeyid
DROPBOX_KEY: foo_dropbox_key
ET_PIPELINE_ID: foo_et_pipeline_id
FIELD_ENCRYPTION_KEY: jtma0CL1QMRLaJgjXNlJh3mtPNcgok0G5ajRCMZ_XNI=
GA_DIMENSION_CAMERA: fake
GA_KEYFILE_JSON: fake
GA_VIEW_ID: fake
GA_TRACKING_ID: fake
LECTURE_CAPTURE_USER: admin
MAILGUN_URL: http://fake_mailgun_url.com
MAILGUN_KEY: foookey
ODL_VIDEO_BASE_URL: http://video.example.com
VIDEO_S3_BUCKET: video-s3
VIDEO_S3_TRANSCODE_BUCKET: video-s3-transcodes
VIDEO_S3_THUMBNAIL_BUCKET: video-s3-thumbs
VIDEO_S3_SUBTITLE_BUCKET: video-s3-subtitles
VIDEO_S3_WATCH_BUCKET: video-s3-watch
VIDEO_CLOUDFRONT_DIST: video-cf
YT_ACCESS_TOKEN: fake
YT_REFRESH_TOKEN: fake
YT_CLIENT_ID: fake
YT_CLIENT_SECRET: fakse # pragma: allowlist secret
YT_PROJECT_ID: fake
- name: Upload coverage to CodeCov
uses: codecov/codecov-action@v3
with:
file: ./coverage.xml
javascript-tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up NodeJS
uses: actions/setup-node@v2-beta
with:
node-version: 13.13.0
- name: Setup environment
run: sudo apt-get install libelf1
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache@v1
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Install dependencies
run: yarn install --frozen-lockfile --ignore-engines --prefer-offline
- name: Lints
run: npm run lint
- name: Tests
run: npm run test
env:
CODECOV: true
NODE_ENV: development
- name: Webpack build
run: node node_modules/webpack/bin/webpack.js --config webpack.config.prod.js --bail
- name: Upload test coverage to CodeCov
uses: codecov/codecov-action@v3
with:
file: coverage/lcov.info