Sanitize ldap strings, graceful activity log restart (1.6) #5597
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous integration | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - dev | |
| - "release/**" | |
| paths-ignore: | |
| - "*.md" | |
| - "LICENSE" | |
| pull_request: | |
| branches: | |
| - main | |
| - dev | |
| - "release/**" | |
| paths-ignore: | |
| - "*.md" | |
| - "LICENSE" | |
| jobs: | |
| test: | |
| runs-on: | |
| - codebuild-defguard-core-runner-${{ github.run_id }}-${{ github.run_attempt }} | |
| container: public.ecr.aws/docker/library/rust:1 | |
| services: | |
| postgres: | |
| image: public.ecr.aws/docker/library/postgres:17-alpine | |
| env: | |
| POSTGRES_DB: defguard | |
| POSTGRES_USER: defguard | |
| POSTGRES_PASSWORD: defguard | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| env: | |
| CARGO_TERM_COLOR: always | |
| DEFGUARD_SECRET_KEY: aa5a506b11d719dd7170f57f5d9947faf8eb0bc2be1325e42aa0237c3dcfd26456e73dff9eef3b12c7bcf8711b45e3e703d8e21ee1c08520f5e12e3f5772da94 | |
| DEFGUARD_DB_HOST: postgres | |
| DEFGUARD_DB_PORT: 5432 | |
| DEFGUARD_DB_NAME: defguard | |
| DEFGUARD_DB_USER: defguard | |
| DEFGUARD_DB_PASSWORD: defguard | |
| DATABASE_URL: "postgresql://defguard:defguard@postgres/defguard" | |
| SQLX_OFFLINE: true | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Scan code with Trivy | |
| uses: aquasecurity/trivy-action@0.35.0 | |
| with: | |
| scan-type: "fs" | |
| scan-ref: "." | |
| exit-code: "1" | |
| ignore-unfixed: true | |
| severity: "CRITICAL,HIGH,MEDIUM" | |
| scanners: "vuln" | |
| - name: Cache | |
| uses: Swatinem/rust-cache@v2 | |
| - name: Install protoc | |
| run: apt-get update && apt-get -y install protobuf-compiler | |
| - name: Check format | |
| run: | | |
| rustup component add rustfmt | |
| cargo fmt -- --check | |
| - name: Run clippy linter | |
| run: | | |
| rustup component add clippy | |
| cargo clippy --all-targets --all-features -- -D warnings | |
| - name: Run cargo deny | |
| run: | | |
| cargo install cargo-deny | |
| cargo deny check | |
| - name: Install nextest | |
| uses: taiki-e/install-action@nextest | |
| - name: Run tests | |
| run: cargo nextest run --locked --no-fail-fast |