Skip to content

[Snyk] Security upgrade tornado from 6.2 to 6.4.2 #1261

[Snyk] Security upgrade tornado from 6.2 to 6.4.2

[Snyk] Security upgrade tornado from 6.2 to 6.4.2 #1261

Workflow file for this run

name: CI & CD
# Reference:
# https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#on
on: [push, pull_request]
env:
docker_image_name: rbonghi/jetson_stats
# Reference
# https://help.github.com/en/actions/language-and-framework-guides/using-python-with-github-actions
jobs:
build:
name: Test on python ${{ matrix.python-version }}
runs-on: ubuntu-latest
strategy:
# max-parallel: 1
matrix:
python-version: ["3.8", "3.9", "3.10", "3.11"]
steps:
- run: echo "Branch $GITHUB_REF"
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
# Make group jtop
sudo groupadd jtop
# Upgrade pip
# https://github.com/actions/setup-python/issues/225
sudo -H env "PATH=$PATH" python -m pip install --upgrade pip
# Install tox
# https://github.com/actions/setup-python/issues/225
sudo -H env "PATH=$PATH" pip install tox
- name: Display Python version
run: sudo env "PATH=$PATH" python -c "import sys; print(sys.version)"
- name: Test with tox
run: |
# https://github.com/actions/setup-python/issues/225
sudo env "PATH=$PATH" tox -e py${{ matrix.python-version }}
docker:
name: "Build Docker image develop"
runs-on: ubuntu-latest
needs: [build]
steps:
# https://github.com/docker/build-push-action/blob/master/docs/advanced/tags-labels.md
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
# https://github.com/docker/metadata-action/issues/123
github-token: ${{ secrets.GITHUB_TOKEN }}
images: ${{ env.docker_image_name }}
# generate Docker tags based on the following events/attributes
tags: |
type=ref,event=branch
type=semver,pattern={{version}}
type=ref,event=tag
type=ref,event=pr
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
if: |
github.actor != 'dependabot[bot]' &&
github.event_name != 'pull_request' &&
!startsWith(github.ref, 'refs/heads/feature/') &&
!contains(github.ref, '.dev') &&
!contains(github.ref, 'rc')
uses: docker/[email protected]
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push
id: docker_build
uses: docker/[email protected]
with:
push: |
${{ github.actor != 'dependabot[bot]' &&
github.event_name != 'pull_request' &&
!startsWith(github.ref, 'refs/heads/feature/') &&
!contains(github.ref, '.dev') &&
!contains(github.ref, 'rc')
}}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64, linux/arm64
docs:
name: Documentation
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Build sphinx
# Manual build documentation
# Follow https://github.com/ammaraskar/sphinx-action/issues/43#issuecomment-1218439431
run: |
# Upgrade pip
# https://github.com/actions/setup-python/issues/225
sudo -H env "PATH=$PATH" python -m pip install --upgrade pip
# Install jtop
sudo -H env "PATH=$PATH" pip install -v -e .
# Install sphinx requirements
sudo -H env "PATH=$PATH" pip install -r docs/requirements.txt
# Run sphinx
cd docs
sphinx-build -b html -W . _build/html
- name: Export website
id: export_website
if: ${{ !startsWith(github.ref, 'refs/heads/master') }}
uses: actions/upload-artifact@v4
with:
name: html
path: docs/_build/html # The folder the action should deploy.
- name: Deploy on branch
if: startsWith(github.ref, 'refs/heads/master') || (startsWith(github.ref, 'refs/tags/') && !contains(github.ref, '.dev') && !contains(github.ref, 'rc'))
# Follow: https://github.com/marketplace/actions/deploy-to-github-pages
uses: JamesIves/github-pages-deploy-action@releases/v3
with:
ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN }}
BRANCH: gh-pages # The branch the action should deploy to.
FOLDER: docs/_build/html # The folder the action should deploy.
update_docker_description:
name: Update docker description
if: startsWith(github.ref, 'refs/heads/master') || (startsWith(github.ref, 'refs/tags/') && !contains(github.ref, '.dev') && !contains(github.ref, 'rc'))
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Docker Hub Description # https://github.com/peter-evans/dockerhub-description
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
repository: rbonghi/jetson_stats
short-description: ${{ github.event.repository.description }}
readme-filepath: ./README.md
deploy:
name: Deploy on PIP
needs: [build, docker]
if: startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Install dependencies
run: |
sudo -H python -m pip install --upgrade pip
sudo -H pip install setuptools wheel twine
- name: Build and publish
env:
TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }}
TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
run: |
sudo python setup.py sdist
twine upload dist/*
notify:
name: "Notify socials"
needs: [deploy, docs]
runs-on: ubuntu-latest
steps:
- name: Repository status
id: repo_status
shell: bash
run: |
if ${{ startsWith(github.ref, 'refs/tags/') }} ; then
TAG_RELEASE=${GITHUB_REF/refs\/tags\//}
else
TAG_RELEASE=${GITHUB_REF/refs\/heads\//}
fi
echo ::set-output name=tag::${TAG_RELEASE}
echo "tag=${TAG_RELEASE}"
- name: Discord notification
env:
DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }}
uses: Ilshidur/action-discord@master
with:
args: "jetson-stats **${{ steps.repo_status.outputs.tag }}** has been deployed!\nTo install `sudo pip3 install jetson-stats==${{ steps.repo_status.outputs.tag }}`"
- name: Send telegram message
uses: appleboy/telegram-action@master
with:
to: ${{ secrets.TELEGRAM_TO }}
token: ${{ secrets.TELEGRAM_TOKEN }}
message: |
jetson-stats **${{ steps.repo_status.outputs.tag }}** has been deployed!
See changes: https://github.com/${{ github.repository }}/releases/latest