Skip to content

build(deps): bump rails-html-sanitizer from 1.6.0 to 1.6.1 #32899

build(deps): bump rails-html-sanitizer from 1.6.0 to 1.6.1

build(deps): bump rails-html-sanitizer from 1.6.0 to 1.6.1 #32899

Workflow file for this run

name: "Test suite"
# https://securitylab.github.com/research/github-actions-preventing-pwn-requests
on:
workflow_dispatch:
push:
branches:
- dev
- release/*
paths-ignore:
- 'docs/**'
- 'help/**'
pull_request:
types: [opened, reopened, synchronize]
paths-ignore:
- 'docs/**'
- 'help/**'
- 'packaging/**'
- '.pkgr.yml'
permissions:
contents: read
jobs:
all:
name: Units + Features
if: github.repository == 'opf/openproject'
runs-on:
labels:
- runs-on
- runner=32cpu-linux-x64
- family=m7
- run-id=${{ github.run_id }}
timeout-minutes: 40
env:
DOCKER_BUILDKIT: 1
CI_RETRY_COUNT: 3
steps:
- uses: actions/checkout@v4
- name: Cache DOCKER
id: cache_docker
uses: runs-on/cache@v4
with:
path: cache/docker
# Note: no restore keys since whenever the files below change, we want to rebuild the full image from scratch
key: ${{ runner.os }}-docker-ci-${{ hashFiles('docker-compose.ci.yml', 'docker/ci/*', '.ruby-version', 'bin/ci') }}
- name: Restore CI image from cache
if: steps.cache_docker.outputs.cache-hit == 'true'
run: docker load -i cache/docker/image.tar
- name: Cache GEM
uses: runs-on/cache@v4
with:
path: cache/bundle
key: gem-bookworm-${{ hashFiles('.ruby-version') }}-${{ hashFiles('Gemfile.lock') }}
restore-keys: |
gem-bookworm-${{ hashFiles('.ruby-version') }}-
- name: Cache NPM
uses: runs-on/cache@v4
with:
path: cache/node
key: node-${{ hashFiles('package.json', 'frontend/package-lock.json') }}
restore-keys: |
node-
- name: Cache ANGULAR
uses: runs-on/cache@v4
with:
path: cache/angular
key: angular-${{ hashFiles('package.json', 'frontend/package-lock.json') }}
restore-keys: |
angular-
- name: Cache TEST RUNTIME
uses: runs-on/cache@v4
with:
path: cache/runtime-logs
key: runtime-logs-${{ github.head_ref || github.ref }}-${{ github.sha }}
restore-keys: |
runtime-logs-${{ github.head_ref || github.ref }}-
runtime-logs-
- name: Build
run: bin/ci setup-tests
- name: APIv3 specification (OpenAPI 3.0)
run: bin/ci ./script/api/validate_spec
- name: Unit tests
run: bin/ci run-units
- name: Feature tests
env:
CAPYBARA_DOWNLOADED_FILE_DIR: /tmp/ci/downloads
CAPYBARA_AWS_ACCESS_KEY_ID: "${{ secrets.CAPYBARA_AWS_ACCESS_KEY_ID }}"
CAPYBARA_AWS_SECRET_ACCESS_KEY: "${{ secrets.CAPYBARA_AWS_SECRET_ACCESS_KEY }}"
run: bin/ci run-features
- name: Save CI image to cache
if: steps.cache_docker.outputs.cache-hit != 'true'
run: mkdir -p cache/docker && docker save openproject/ci:v1 -o cache/docker/image.tar
- name: Cleanup
if: ${{ always() }}
run: |
ls -al cache/runtime-logs || true
ls -al cache/ || true
du -sh cache/* || true
# github.head_ref is only availabe in PR context and if it is absent then github.run_id
# is used . And github.run_id is unique for each workflow run. So, this option makes
# sure that there is only one build running for a pull request and the build is attached
# to the last commit of the PR.
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true