Fixes CVE-2024-7254 #1445
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Java CI | |
on: | |
push: | |
branches: | |
- "*" | |
pull_request: | |
branches: | |
- "*" | |
jobs: | |
build_pa_pkg: | |
strategy: | |
fail-fast: false | |
matrix: | |
java: | |
- 8 | |
- 11 | |
- 14 | |
runs-on: [ubuntu-latest] | |
name: Building PA package | |
steps: | |
- name: Set up JDK | |
uses: actions/setup-java@v1 | |
with: | |
java-version: ${{matrix.java}} | |
# Performance Analyzer in ./tmp/performance-analyzer | |
- name: Checkout Performance Analyzer package | |
uses: actions/checkout@v4 | |
with: | |
path: ./tmp/performance-analyzer | |
- uses: KengoTODA/actions-setup-docker-compose@v1 | |
with: | |
version: '1.29.2' | |
# Explicitly set the docker-compose program path so that our build scripts in RCA can run the program | |
# This is necessary because of the Github Actions environment and the workingDir of the Gradle environment | |
- name: Set docker-compose path | |
run: DOCKER_COMPOSE_LOCATION=$(which docker-compose) | |
# Set the vm.max_map_count system property to the minimum required to run OpenSearch | |
- name: Set vm.max_map_count | |
run: sudo sysctl -w vm.max_map_count=262144 | |
- name: Build Performance Analyzer and run Unit Tests | |
working-directory: ./tmp/performance-analyzer | |
run: | | |
./gradlew build -Dperformance-analyzer-rca.build=true \ | |
-Dperformance-analyzer-rca.repo="https://github.com/opensearch-project/performance-analyzer-rca.git" \ | |
-Dperformance-analyzer-rca.branch=1.3 \ | |
-Dopensearch.version=1.3.20-SNAPSHOT | |
- name: Assemble PA jar for BWC tests | |
working-directory: ./tmp/performance-analyzer | |
run: | | |
./gradlew assemble -Dopensearch.version=1.3.20-SNAPSHOT | |
mkdir -p ./src/test/resources/org/opensearch/performanceanalyzer/bwc/1.3.20.0-SNAPSHOT | |
cp ./build/distributions/*.zip ./src/test/resources/org/opensearch/performanceanalyzer/bwc/1.3.20.0-SNAPSHOT | |
- name: Generate Jacoco coverage report | |
working-directory: ./tmp/performance-analyzer | |
run: ./gradlew jacocoTestReport | |
- name: Upload coverage report | |
working-directory: ./tmp/performance-analyzer | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
run: bash <(curl -s https://codecov.io/bash) -f ./build/reports/jacoco/test/jacocoTestReport.xml | |
- name: Run Integration Tests | |
working-directory: ./tmp/performance-analyzer | |
run: ./gradlew integTest -Dtests.enableIT -Dtests.useDockerCluster -Dopensearch.version=1.3.20-SNAPSHOT | |
- name: Run PerformanceAnalzyer Backwards Compatibility Tests | |
working-directory: ./tmp/performance-analyzer | |
run: ./gradlew bwcTestSuite -Dtests.security.manager=false |