Fix CI: use node:20-bookworm for ansible jobs
Some checks failed
CI / skip-ci-check (pull_request) Successful in 7s
CI / lint-and-test (pull_request) Failing after 15s
CI / ansible-validation (pull_request) Failing after 6s
CI / secret-scanning (pull_request) Failing after 6s
CI / dependency-scan (pull_request) Failing after 5s
CI / sast-scan (pull_request) Failing after 6s
CI / license-check (pull_request) Failing after 12s
CI / vault-check (pull_request) Failing after 34s
CI / playbook-test (pull_request) Failing after 7s
CI / container-scan (pull_request) Successful in 5s
CI / sonar-analysis (pull_request) Failing after 3s
CI / workflow-summary (pull_request) Successful in 31s
Some checks failed
CI / skip-ci-check (pull_request) Successful in 7s
CI / lint-and-test (pull_request) Failing after 15s
CI / ansible-validation (pull_request) Failing after 6s
CI / secret-scanning (pull_request) Failing after 6s
CI / dependency-scan (pull_request) Failing after 5s
CI / sast-scan (pull_request) Failing after 6s
CI / license-check (pull_request) Failing after 12s
CI / vault-check (pull_request) Failing after 34s
CI / playbook-test (pull_request) Failing after 7s
CI / container-scan (pull_request) Successful in 5s
CI / sonar-analysis (pull_request) Failing after 3s
CI / workflow-summary (pull_request) Successful in 31s
actions/checkout@v4 requires Node; python:3.11-slim broke job 2. Bootstrap pip on bookworm without apt to avoid runner GPG issues. Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
parent
52de8740c9
commit
798fef2b67
@ -65,7 +65,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
if: needs.skip-ci-check.outputs.should-skip != '1' && (github.event_name == 'pull_request' || github.ref == 'refs/heads/master')
|
||||
container:
|
||||
image: node:20-bullseye
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
@ -87,11 +87,19 @@ jobs:
|
||||
env:
|
||||
PIP_NO_CACHE_DIR: "1"
|
||||
container:
|
||||
image: python:3.11-slim-bookworm
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Ensure pip (node image has Python 3.11, not pip)
|
||||
run: |
|
||||
python3 --version
|
||||
python3 -m pip --version 2>/dev/null || {
|
||||
curl -fsSL https://bootstrap.pypa.io/get-pip.py -o /tmp/get-pip.py
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check
|
||||
}
|
||||
|
||||
- name: Show disk space (runner may be full)
|
||||
run: df -h / /tmp || true
|
||||
|
||||
@ -153,7 +161,7 @@ jobs:
|
||||
if: needs.skip-ci-check.outputs.should-skip != '1'
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: node:20-bullseye
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
@ -172,7 +180,7 @@ jobs:
|
||||
if: needs.skip-ci-check.outputs.should-skip != '1'
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: node:20-bullseye
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
@ -190,9 +198,10 @@ jobs:
|
||||
- name: Scan Python dependencies
|
||||
run: |
|
||||
if [ -f requirements.txt ]; then
|
||||
PY=$(python3 -c 'import sys; print(f"{sys.version_info.major}.{sys.version_info.minor}")')
|
||||
curl -fsSL "https://bootstrap.pypa.io/pip/${PY}/get-pip.py" -o /tmp/get-pip.py
|
||||
python3 -m pip --version 2>/dev/null || {
|
||||
curl -fsSL https://bootstrap.pypa.io/get-pip.py -o /tmp/get-pip.py
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check
|
||||
}
|
||||
python3 -m pip install --no-cache-dir pip-audit
|
||||
python3 -m pip-audit -r requirements.txt
|
||||
else
|
||||
@ -205,17 +214,18 @@ jobs:
|
||||
if: needs.skip-ci-check.outputs.should-skip != '1'
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: node:20-bullseye
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Bootstrap pip (no apt)
|
||||
- name: Bootstrap pip
|
||||
run: |
|
||||
python3 --version
|
||||
PY=$(python3 -c 'import sys; print(f"{sys.version_info.major}.{sys.version_info.minor}")')
|
||||
curl -fsSL "https://bootstrap.pypa.io/pip/${PY}/get-pip.py" -o /tmp/get-pip.py
|
||||
python3 -m pip --version 2>/dev/null || {
|
||||
curl -fsSL https://bootstrap.pypa.io/get-pip.py -o /tmp/get-pip.py
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check
|
||||
}
|
||||
|
||||
- name: Install Semgrep
|
||||
run: python3 -m pip install --no-cache-dir semgrep
|
||||
@ -229,7 +239,7 @@ jobs:
|
||||
if: needs.skip-ci-check.outputs.should-skip != '1'
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: node:20-bullseye
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
@ -254,11 +264,18 @@ jobs:
|
||||
env:
|
||||
PIP_NO_CACHE_DIR: "1"
|
||||
container:
|
||||
image: python:3.11-slim-bookworm
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Ensure pip
|
||||
run: |
|
||||
python3 -m pip --version 2>/dev/null || {
|
||||
curl -fsSL https://bootstrap.pypa.io/get-pip.py -o /tmp/get-pip.py
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check
|
||||
}
|
||||
|
||||
- name: Install Ansible
|
||||
run: python3 -m pip install --no-cache-dir ansible-core
|
||||
|
||||
@ -300,11 +317,18 @@ jobs:
|
||||
env:
|
||||
PIP_NO_CACHE_DIR: "1"
|
||||
container:
|
||||
image: python:3.11-slim-bookworm
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Ensure pip
|
||||
run: |
|
||||
python3 -m pip --version 2>/dev/null || {
|
||||
curl -fsSL https://bootstrap.pypa.io/get-pip.py -o /tmp/get-pip.py
|
||||
python3 /tmp/get-pip.py --disable-pip-version-check
|
||||
}
|
||||
|
||||
- name: Configure CI Ansible (no vault, localhost inventory)
|
||||
run: |
|
||||
set -e
|
||||
@ -395,7 +419,7 @@ jobs:
|
||||
if: needs.skip-ci-check.outputs.should-skip != '1'
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: node:20-bullseye
|
||||
image: node:20-bookworm
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user