Skip to content

Update syft image and doc - use docker commands #2478

Update syft image and doc - use docker commands

Update syft image and doc - use docker commands #2478

Workflow file for this run

name: Smoke Tests
env:
CD_DETECTOR_EXPERIMENTS: 1
on:
push:
branches:
- main
pull_request:
schedule:
- cron: "0 0 * * *" # every day at midnight
permissions:
contents: read
jobs:
smoke-test:
runs-on: ["self-hosted", "1ES.Pool=1ES-OSE-GH-Pool"]
strategy:
matrix:
language:
[
{ name: "CocoaPods", repo: "realm/realm-swift" },
{ name: "Gradle", repo: "microsoft/ApplicationInsights-Java" },
{ name: "Go", repo: "kubernetes/kubernetes" },
{ name: "Maven", repo: "apache/kafka" },
{ name: "NPM", repo: "axios/axios" },
{ name: "NuGet", repo: "Radarr/Radarr" },
{ name: "Pip", repo: "django/django" },
{ name: "Pnpm", repo: "pnpm/pnpm" },
{ name: "Poetry", repo: "Textualize/rich" },
{ name: "Ruby", repo: "rails/rails" },
{ name: "Rust", repo: "alacritty/alacritty" },
{ name: "Yarn", repo: "gatsbyjs/gatsby" },
]
fail-fast: false
max-parallel: 4 # limit the total number of running jobs to avoid rate limiting
name: ${{ matrix.language.name }}
steps:
- name: Checkout Component Detection
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup .NET
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0
- name: Install Apache Ivy
run: curl https://downloads.apache.org/ant/ivy/2.5.2/apache-ivy-2.5.2-bin.tar.gz | tar xOz apache-ivy-2.5.2/ivy-2.5.2.jar > /usr/share/ant/lib/ivy.jar
- name: Checkout Smoke Test Repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: ${{ matrix.language.repo }}
path: smoke-test-repo
- name: Restore Smoke Test NuGet Packages
if: ${{ matrix.language.name == 'NuGet'}}
working-directory: smoke-test-repo/src
run: dotnet restore
- name: Run Smoke Test
working-directory: src/Microsoft.ComponentDetection
run: |
for i in $(seq 1 10); do
dotnet run -c Release -- scan --SourceDirectory ${{ github.workspace }}/smoke-test-repo --Verbosity Verbose || exit 1
done
create-issue:
runs-on: ubuntu-latest
needs: smoke-test
name: Create Issue
if: always() && github.event_name == 'schedule' && needs.smoke-test.result == 'failure'
permissions:
issues: write
steps:
- name: Create GitHub Issue
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
with:
script: |
const failed_tests = [];
const jobs = await github.rest.actions.listJobsForWorkflowRun({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: context.runId,
});
for (const job of jobs.data.jobs) {
if (job.status === 'completed' && job.conclusion === 'failure') {
failed_tests.push('* ' + job.name);
}
}
const issue_body = `# :x: Smoke Test Failure\nThe following smoke tests failed:\n\n${failed_tests.join('\n')}\n\n[View Run](${context.payload.repository.html_url}/actions/runs/${context.runId})\n\ncc: @microsoft/ose-component-detection-maintainers`;
await github.rest.issues.create({
owner: context.repo.owner,
repo: context.repo.repo,
title: 'Smoke Test Failure',
body: issue_body,
labels: ['bug']
})