Skip to content

[Snyk] Security upgrade commons-io:commons-io from 2.7 to 2.14.0 #103

[Snyk] Security upgrade commons-io:commons-io from 2.7 to 2.14.0

[Snyk] Security upgrade commons-io:commons-io from 2.7 to 2.14.0 #103

Workflow file for this run

# This workflow is responsible for building, testing & packaging the Java server codebase
name: Appsmith Server Workflow
on:
# This line enables manual triggering of this workflow.
workflow_dispatch:
push:
branches: [release, release-frozen, master]
# Only trigger if files have changed in this specific path
paths:
- "app/server/**"
pull_request:
branches: [release, master]
paths:
- "app/server/**"
# Change the working directory for all the jobs in this workflow
defaults:
run:
working-directory: app/server
jobs:
build:
runs-on: ubuntu-latest
# Only run this workflow for internally triggered events
if: |
github.event.pull_request.head.repo.full_name == github.repository ||
github.event_name == 'push' ||
github.event_name == 'workflow_dispatch'
# Service containers to run with this job. Required for running tests
services:
# Label used to access the service container
redis:
# Docker Hub image for Redis
image: redis
ports:
# Opens tcp port 6379 on the host and service container
- 6379:6379
steps:
# Checkout the code
- uses: actions/checkout@v2
with:
fetch-depth: 0
# Setup Java
- name: Set up JDK 1.11
uses: actions/setup-java@v1
with:
java-version: "11.0.10"
# Retrieve maven dependencies from cache. After a successful run, these dependencies are cached again
- name: Cache maven dependencies
uses: actions/cache@v2
env:
cache-name: cache-maven-dependencies
with:
# maven dependencies are stored in `~/.m2` on Linux/macOS
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
# Here, the GITHUB_REF is of type /refs/head/<branch_name>. We extract branch_name from this by removing the
# first 11 characters. This can be used to build images for several branches
# Since this is an unreleased build, we get the latest released version number, increment the minor number in it,
# append a `-SNAPSHOT` at it's end to prepare the snapshot version number. This is used as the project's version.
- name: Get the version to tag the Docker image
id: vars
run: |
# Since this is an unreleased build, we set the version to incremented version number with a
# `-SNAPSHOT` suffix.
latest_released_version="$(git tag --list 'v*' --sort=-version:refname | head -1)"
echo "latest_released_version = $latest_released_version"
next_version="$(echo "$latest_released_version" | awk -F. -v OFS=. '{ $NF++; print }')"
echo "next_version = $next_version"
echo ::set-output name=version::$next_version-SNAPSHOT
echo ::set-output name=tag::$(echo ${GITHUB_REF:11})
# Build and test the code
- name: Build and test
env:
APPSMITH_MONGODB_URI: "mongodb://localhost:27017/mobtools"
APPSMITH_CLOUD_SERVICES_BASE_URL: "https://release-cs.appsmith.com"
APPSMITH_REDIS_URL: "redis://127.0.0.1:6379"
APPSMITH_ENCRYPTION_PASSWORD: "password"
APPSMITH_ENCRYPTION_SALT: "salt"
APPSMITH_IS_SELF_HOSTED: false
run: |
mvn --batch-mode versions:set \
-DnewVersion=${{ steps.vars.outputs.version }} \
-DgenerateBackupPoms=false \
-DprocessAllModules=true
./build.sh
# These are dummy jobs in the CI build to satisfy required status checks for merging PRs. This is a hack because Github doesn't support conditional
# required checks in monorepos. These jobs are a clone of similarly named jobs in client.yml.
#
# Check support request at: https://github.community/t/feature-request-conditional-required-checks/16761
ui-test:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
job: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15]
steps:
# Checkout the code
- uses: actions/checkout@v2
- name: Do nothing as this is a dummy step
shell: bash
run: |
exit 0
package:
runs-on: ubuntu-latest
steps:
# Checkout the code
- uses: actions/checkout@v2
- name: Do nothing as this is a dummy step
shell: bash
run: |
exit 0