upgrade python image version in dockerfiles for improved security #593
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Pact Provider Verification | |
on: | |
repository_dispatch: | |
types: [provider-verification] | |
pull_request: | |
branches: | |
- main | |
push: | |
branches: | |
- main | |
jobs: | |
test: | |
name: Provider verification | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- run: docker-compose -f docker-compose-pact.yml up -d api_gateway | |
- name: Wait for container | |
run: timeout 60s sh -c 'until curl -q -X POST localhost:4343/v1/create | grep 401; do echo "Waiting for table-helper to be healthy..."; sleep 2; done' | |
- name: Wait for container | |
run: timeout 60s sh -c 'until curl -q localhost:8000; do echo "Waiting for dynamodb to be healthy..."; sleep 2; done' | |
- name: Create table | |
run: curl -q -X POST http://localhost:4343/setup/dynamodb/create/table | |
- name: Verify specified Pact | |
if: ${{ github.event_name == 'repository_dispatch' }} | |
run: | | |
docker-compose -f docker-compose-pact.yml run --rm pact-verifier \ | |
--provider-version=$(git rev-parse HEAD) \ | |
--provider-branch=main \ | |
--publish \ | |
--user=admin \ | |
--password=${{ secrets.PACT_BROKER_PASSWORD }} \ | |
--url=${{ github.event.client_payload.pact_url }} | |
- name: Verify pacts, including pending | |
if: ${{ github.event_name == 'push' }} | |
run: | | |
docker-compose -f docker-compose-pact.yml run --rm pact-verifier \ | |
--provider-version=$(git rev-parse HEAD) \ | |
--provider-branch=main \ | |
--publish \ | |
--user=admin \ | |
--password=${{ secrets.PACT_BROKER_PASSWORD }} \ | |
--consumer-version-selectors='{"mainBranch": true}' \ | |
--enable-pending | |
- name: Verify pacts are still upheld | |
if: ${{ github.event_name == 'pull_request' }} | |
env: | |
HEADREF: ${{ github.head_ref }} | |
run: | | |
docker-compose -f docker-compose-pact.yml run --rm pact-verifier \ | |
--provider-version=$(git rev-parse HEAD) \ | |
--provider-branch=${HEADREF} \ | |
--consumer-version-selectors='{"mainBranch": true}' |