Upgrade jfrog-cli-security (#2778) #3477
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Scripts Tests | |
on: | |
push: | |
branches: | |
- '**' | |
tags-ignore: | |
- '**' | |
pull_request: | |
# Ensures that only the latest commit is running for each PR at a time. | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
Scripts-tests: | |
name: Script tests (${{ matrix.suite.os }}) | |
defaults: | |
run: | |
shell: sh | |
strategy: | |
fail-fast: false | |
matrix: | |
suite: | |
- os: "ubuntu-latest" | |
- os: "ubuntu-20.04" | |
- os: "macos-latest" | |
- os: "macos-12" | |
- os: "windows-latest" | |
osSuffix: ".exe" | |
- os: "windows-2019" | |
osSuffix: ".exe" | |
runs-on: ${{ matrix.suite.os }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Setup Go with cache | |
uses: jfrog/.github/actions/install-go-with-cache@main | |
- name: Test install CLI - jf | |
run: | | |
sh build/installcli/jf.sh | |
jf --version | |
- name: Test install CLI - jfrog | |
run: | | |
sh build/installcli/jfrog.sh | |
jfrog --version | |
- name: Test get CLI - jf | |
run: | | |
sh build/getcli/jf.sh | |
./jf --version | |
- name: Test get CLI - jfrog | |
run: | | |
sh build/getcli/jfrog.sh | |
./jfrog --version | |
- name: Check Windows Certificate Expiration Date | |
shell: pwsh | |
run: | | |
$signature = Get-AuthenticodeSignature -FilePath ./jfrog.exe | |
$expirationDate = $signature.SignerCertificate.NotAfter | |
Write-Host "Certificate Expiration Date: $expirationDate" | |
$daysUntilExpiration = ($expirationDate - (Get-Date)).Days | |
if ($daysUntilExpiration -lt 30) { | |
Write-Host "The JFrog CLI Windows binary's certificate will expire within $daysUntilExpiration days." | |
exit 1 | |
} | |
if: contains( matrix.suite.os, 'windows') | |
- name: Test Build CLI - sh | |
run: | | |
rm ./jf | |
sh build/build.sh | |
./jf --version | |
if: contains( matrix.suite.os, 'macos') || contains( matrix.suite.os, 'ubuntu') | |
- name: Test Build CLI - bat | |
run: | | |
rm ./jfrog.exe | |
build/build.bat | |
./jfrog.exe --version | |
if: contains( matrix.suite.os, 'windows') | |
- name: Test install npm - v2 | |
working-directory: build/npm/v2 | |
# Prior to the release, we set the new version in the package.json files, introducing the pre-released version. | |
# This adjustment may result in an attempt to download a version that hasn't been published to releases.jfrog.io yet. | |
# To handle it, we fetch the most recent JFrog CLI release and store it in the latest_version param. | |
run: | | |
latest_version=$(npm view jfrog-cli-v2 version) | |
npm version $latest_version --allow-same-version | |
npm install --no-audit | |
./bin/jfrog${{ matrix.suite.osSuffix }} --version | |
- name: Test install npm - v2-jf | |
working-directory: build/npm/v2-jf | |
# Prior to the release, we set the new version in the package.json files, introducing the pre-released version. | |
# This adjustment may result in an attempt to download a version that hasn't been published to releases.jfrog.io yet. | |
# To handle it, we fetch the most recent JFrog CLI release and store it in the latest_version param. | |
run: | | |
latest_version=$(npm view jfrog-cli-v2-jf version) | |
npm version $latest_version --allow-same-version | |
npm install --no-audit | |
./bin/jf${{ matrix.suite.osSuffix }} --version |