Bump github/codeql-action from 3.27.0 to 3.27.7 #2534
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Smoke Tests | |
env: | |
CD_DETECTOR_EXPERIMENTS: 1 | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
schedule: | |
- cron: "0 0 * * *" # every day at midnight | |
permissions: | |
contents: read | |
jobs: | |
smoke-test: | |
runs-on: ["self-hosted", "1ES.Pool=1ES-OSE-GH-Pool"] | |
strategy: | |
matrix: | |
language: | |
[ | |
{ name: "CocoaPods", repo: "realm/realm-swift" }, | |
{ name: "Gradle", repo: "microsoft/ApplicationInsights-Java" }, | |
{ name: "Go", repo: "kubernetes/kubernetes" }, | |
{ name: "Maven", repo: "apache/kafka" }, | |
{ name: "NPM", repo: "axios/axios" }, | |
{ name: "NuGet", repo: "Radarr/Radarr" }, | |
{ name: "Pip", repo: "django/django" }, | |
{ name: "Pnpm", repo: "pnpm/pnpm" }, | |
{ name: "Poetry", repo: "Textualize/rich" }, | |
{ name: "Ruby", repo: "rails/rails" }, | |
{ name: "Rust", repo: "alacritty/alacritty" }, | |
{ name: "Yarn", repo: "gatsbyjs/gatsby" }, | |
] | |
fail-fast: false | |
max-parallel: 4 # limit the total number of running jobs to avoid rate limiting | |
name: ${{ matrix.language.name }} | |
steps: | |
- name: Checkout Component Detection | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Setup .NET | |
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 | |
- name: Install Apache Ivy | |
run: curl https://downloads.apache.org/ant/ivy/2.5.2/apache-ivy-2.5.2-bin.tar.gz | tar xOz apache-ivy-2.5.2/ivy-2.5.2.jar > /usr/share/ant/lib/ivy.jar | |
- name: Checkout Smoke Test Repo | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
repository: ${{ matrix.language.repo }} | |
path: smoke-test-repo | |
- name: Restore Smoke Test NuGet Packages | |
if: ${{ matrix.language.name == 'NuGet'}} | |
working-directory: smoke-test-repo/src | |
run: dotnet restore | |
- name: Run Smoke Test | |
working-directory: src/Microsoft.ComponentDetection | |
run: | | |
for i in $(seq 1 10); do | |
dotnet run -c Release -- scan --SourceDirectory ${{ github.workspace }}/smoke-test-repo --Verbosity Verbose || exit 1 | |
done | |
create-issue: | |
runs-on: ubuntu-latest | |
needs: smoke-test | |
name: Create Issue | |
if: always() && github.event_name == 'schedule' && needs.smoke-test.result == 'failure' | |
permissions: | |
issues: write | |
steps: | |
- name: Create GitHub Issue | |
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 | |
with: | |
script: | | |
const failed_tests = []; | |
const jobs = await github.rest.actions.listJobsForWorkflowRun({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
run_id: context.runId, | |
}); | |
for (const job of jobs.data.jobs) { | |
if (job.status === 'completed' && job.conclusion === 'failure') { | |
failed_tests.push('* ' + job.name); | |
} | |
} | |
const issue_body = `# :x: Smoke Test Failure\nThe following smoke tests failed:\n\n${failed_tests.join('\n')}\n\n[View Run](${context.payload.repository.html_url}/actions/runs/${context.runId})\n\ncc: @microsoft/ose-component-detection-maintainers`; | |
await github.rest.issues.create({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
title: 'Smoke Test Failure', | |
body: issue_body, | |
labels: ['bug'] | |
}) |