yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #12315 from id/0112-ci-fix-pip-command-line 

ci: explicitly use --require-hashes for pip install
This commit is contained in:
Ivan Dyachkov 2024-01-12 13:22:02 +01:00 committed by GitHub
parent d1ae6f5195 3b9dc434ac
commit 41e931d90a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 22 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.ci/docker-compose-file/openldap/Dockerfile
View File

@ -1,4 +1,4 @@
FROM docker.io/zmstone/openldap:2.5.16
FROM docker.io/zmstone/openldap:2.5.16@sha256:a813922115a1d1f1b974399595921d1778fae22b3f1ee15dcfa8cfa89700dbc7
COPY .ci/docker-compose-file/openldap/slapd.conf /usr/local/etc/openldap/slapd.conf
COPY apps/emqx_ldap/test/data/emqx.io.ldif /usr/local/etc/openldap/schema/emqx.io.ldif

2
.ci/docker-compose-file/pgsql/Dockerfile
View File

@ -1,4 +1,4 @@
ARG BUILD_FROM=public.ecr.aws/docker/library/postgres:13
ARG BUILD_FROM=public.ecr.aws/docker/library/postgres:13@sha256:fa69de30d02652cfdfb68166692e5186f6972c17f83c89c71ac8ff0916d46ae3
FROM ${BUILD_FROM}
ARG POSTGRES_USER=postgres
COPY --chown=$POSTGRES_USER ./pgsql/pg_hba_tls.conf /var/lib/postgresql/pg_hba.conf

2
.ci/docker-compose-file/python/pytest.sh
View File

@ -23,7 +23,7 @@ fi
apk update && apk add git curl
git clone -b develop-5.0 https://github.com/emqx/paho.mqtt.testing.git /paho.mqtt.testing
pip install -r "$SCRIPT_DIR/requirements.txt"
pip install --require-hashes -r "$SCRIPT_DIR/requirements.txt"
pytest --retries 3 -v /paho.mqtt.testing/interoperability/test_client/V5/test_connect.py -k test_basic --host "$TARGET_HOST"
RESULT=$?

14
.ci/gitlint.requirements.txt Normal file
View File

@ -0,0 +1,14 @@
arrow==1.2.3 --hash=sha256:5a49ab92e3b7b71d96cd6bfcc4df14efefc9dfa96ea19045815914a6ab6b1fe2
click==8.1.3 --hash=sha256:bb4d8133cb15a609f44e8213d9b391b0809795062913b383c62be0ee95b1db48
exceptiongroup==1.2.0 --hash=sha256:4bfd3996ac73b41e9b9628b04e079f193850720ea5945fc96a08633c66912f14
gitlint==0.19.1 --hash=sha256:26bb085959148d99fbbc178b4e56fda6c3edd7646b7c2a24d8ee1f8e036ed85d
gitlint-core==0.19.1 --hash=sha256:f41effd1dcbc06ffbfc56b6888cce72241796f517b46bd9fd4ab1b145056988c
iniconfig==2.0.0 --hash=sha256:b6a85871a79d2e3b22d2d1b94ac2824226a63c6b741c88f7ae975f18b6778374
packaging==23.2 --hash=sha256:8c491190033a9af7e1d931d0b5dacc2ef47509b34dd0de67ed209b5203fc88c7
pluggy==1.3.0 --hash=sha256:d89c696a773f8bd377d18e5ecda92b7a3793cbe66c87060a6fb58c7b6e1061f7
pytest==7.4.4 --hash=sha256:b090cdf5ed60bf4c45261be03239c2c1c22df034fbffe691abe93cd80cea01d8
pytest-retry==1.6.1 --hash=sha256:3d420afc08e61ed3be28ecbb544371041b1b8e5fea7c94eb97cefa0d4ea9825c
python-dateutil==2.8.2 --hash=sha256:961d03dc3453ebbc59dbdea9e4e11c5651520a876d0f4db161e8674aae935da9
sh==1.14.3 --hash=sha256:e4045b6c732d9ce75d571c79f5ac2234edd9ae4f5fa9d59b09705082bdca18c7
six==1.16.0 --hash=sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254
tomli==2.0.1 --hash=sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc

2
.github/workflows/_pr_entrypoint.yaml vendored
View File

@ -45,7 +45,7 @@ jobs:
BEFORE_REF: ${{ github.event_name == 'pull_request' && github.event.pull_request.base.sha || github.event.before }}
AFTER_REF: ${{ github.sha }}
run: |
pip install gitlint
pip install --require-hashes -r .ci/gitlint.requirements.txt
gitlint --commits $BEFORE_REF..$AFTER_REF --config .github/workflows/.gitlint
- name: Run shellcheck
run: |

2
.github/workflows/run_helm_tests.yaml vendored
View File

@ -172,7 +172,7 @@ jobs:
path: paho.mqtt.testing
- name: install pytest
run: |
pip install -r source/.ci/docker-compose-file/python/requirements.txt
pip install --require-hashes -r source/.ci/docker-compose-file/python/requirements.txt
echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: run paho test
timeout-minutes: 10

2
Dockerfile.ubuntu20.04.runner
View File

@ -1,5 +1,5 @@
## This is a fast-build Dockerfile only for testing
FROM ubuntu:20.04
FROM ubuntu:20.04@sha256:f2034e7195f61334e6caff6ecf2e965f92d11e888309065da85ff50c617732b8
ARG PROFILE=emqx
RUN apt-get update; \

4
deploy/docker/Dockerfile
View File

@ -1,5 +1,5 @@
ARG BUILD_FROM=ghcr.io/emqx/emqx-builder/5.3-2:1.15.7-26.2.1-2-debian11
ARG RUN_FROM=public.ecr.aws/debian/debian:11-slim
ARG BUILD_FROM=ghcr.io/emqx/emqx-builder/5.3-2:1.15.7-26.2.1-2-debian11@sha256:48b62a5636bd6bc59688fc98a498401fccf456fa63d843aa0b7279f3bc20b22e
ARG RUN_FROM=public.ecr.aws/debian/debian:11-slim@sha256:22cfb3c06a7dd5e18d86123a73405664475b9d9fa209cbedcf4c50a25649cc74
FROM ${BUILD_FROM} AS builder
ARG DEBUG=0