Skip to content

Bump cryptography from 42.0.4 to 43.0.1 #19856

Bump cryptography from 42.0.4 to 43.0.1

Bump cryptography from 42.0.4 to 43.0.1 #19856

name: Continuous Integration
on:
push:
branches: ["main"]
paths-ignore:
- maintenance/**/*.*
pull_request:
paths-ignore:
- maintenance/**/*.*
jobs:
test_node:
name: Node CI
runs-on: ubuntu-20.04
env:
ALLOWED_HOSTS: localhost,mozfest.localhost,default-site.com,secondary-site.com
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PULSE_API_DOMAIN: https://network-pulse-api-production.herokuapp.com
PULSE_DOMAIN: https://www.mozillapulse.org
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 20
cache: "npm"
- name: Install Node Dependencies
run: npm ci
- name: Run linting
run: npm run lint
test_wagtail:
name: Wagtail CI
runs-on: ubuntu-20.04
services:
postgres:
image: postgres:15
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: network
ports:
- 5432:5432
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
env:
ALLOWED_HOSTS: localhost,mozfest.localhost,default-site.com,secondary-site.com
BASKET_URL: https://basket-dev.allizom.org
CONTENT_TYPE_NO_SNIFF: True
CORS_ALLOWED_ORIGINS: "*"
COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }}
DATABASE_URL: postgres://postgres:postgres@localhost:5432/network
DEBUG: True
DJANGO_SECRET_KEY: secret
DOMAIN_REDIRECT_MIDDLEWARE_ENABLED: False
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PIPENV_VERBOSITY: -1
PULSE_API_DOMAIN: https://network-pulse-api-production.herokuapp.com
PULSE_DOMAIN: https://www.mozillapulse.org
RANDOM_SEED: 530910203
SET_HSTS: False
SSL_REDIRECT: False
TARGET_DOMAINS: foundation.mozilla.org
USE_S3: False
X_FRAME_OPTIONS: DENY
XSS_PROTECTION: True
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: 3.11
cache: "pip"
- uses: actions/setup-node@v3
with:
node-version: 20
- name: Install Python Dependencies
run: pip install -r requirements.txt -r dev-requirements.txt
- name: Install Node Dependencies
run: npm ci
- name: Install additional tooling
run: |
sudo apt-get update
sudo apt-get install -y gettext
- name: Preroll
run: |
npm run build
python network-api/manage.py collectstatic --no-input --verbosity 0
python network-api/manage.py check
python network-api/manage.py makemigrations --check --dry-run
python network-api/manage.py migrate --no-input
python network-api/manage.py block_inventory
python network-api/manage.py compilemessages
- name: Run linting
run: |
flake8 .
isort . --check-only
black . --check
djlint . --lint
# Skipping djlint format checking because it has consistency issues and issues with blocktrans.
# This should change when formatting is moved to a version using and AST.
# See also: https://github.com/Riverside-Healthcare/djLint/issues/493
# djlint . --check
#
# Using djhtml indent check in the meantime.
djhtml -c maintenance/ network-api/
- name: Run type checks
run: mypy network-api
- name: Run Tests
run: cd network-api && pytest -n auto -v --ds=networkapi.settings -cov=network-api/networkapi --cov-report=term-missing
test_integration:
name: Integration testing
runs-on: ubuntu-20.04
services:
postgres:
image: postgres:15
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: network
ports:
- 5432:5432
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
env:
ALLOWED_HOSTS: 127.0.0.1,localhost,mozfest.localhost,default-site.com,secondary-site.com
BASKET_URL: https://basket-dev.allizom.org
CONTENT_TYPE_NO_SNIFF: True
CORS_ALLOWED_ORIGINS: "*"
DATABASE_URL: postgres://postgres:postgres@localhost:5432/network
DEBUG: True
DJANGO_SECRET_KEY: secret
DOMAIN_REDIRECT_MIDDLEWARE_ENABLED: False
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PIPENV_VERBOSITY: -1
PULSE_API_DOMAIN: https://network-pulse-api-production.herokuapp.com
PULSE_DOMAIN: https://www.mozillapulse.org
RANDOM_SEED: 530910203
SET_HSTS: False
SSL_REDIRECT: False
TARGET_DOMAINS: foundation.mozilla.org
USE_S3: False
X_FRAME_OPTIONS: DENY
XSS_PROTECTION: True
CSP_CONNECT_SRC: "*"
CSP_FONT_SRC: "'self' https://code.cdn.mozilla.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ data: https://static.fundraiseup.com/common-fonts/"
CSP_IMG_SRC: "* data: blob: https://*.fundraiseup.com https://ucarecdn.com https://pay.google.com https://*.paypalobjects.com"
CSP_FRAME_SRC: "'self' https://www.google.com/recaptcha/ https://*.stripe.com https://pay.google.com https://*.paypal.com https://*.fundraiseup.com"
CSP_SCRIPT_SRC: "'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js http://*.shpg.org/ https://comments.mozillafoundation.org/ https://airtable.com https://platform.twitter.com https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/gsap.min.js https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ScrollTrigger.min.js https://*.googletagmanager.com https://*.fundraiseup.com https://mozillafoundation.tfaforms.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://*.stripe.com https://m.stripe.network https://*.paypal.com https://*.paypalobjects.com https://pay.google.com https://cdn.cookielaw.org"
CSP_STYLE_SRC: "'self' 'unsafe-inline' https://code.cdn.mozilla.net https://platform.twitter.com https://mozillafoundation.tfaforms.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css"
SECURE_CROSS_ORIGIN_OPENER_POLICY: "same-origin-allow-popups"
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: 3.11
cache: "pip"
- uses: actions/setup-node@v3
with:
node-version: 20
cache: "npm"
- name: Install Python Dependencies
run: pip install -r requirements.txt -r dev-requirements.txt
- name: Install Node Dependencies
run: npm ci
- name: Install additional tooling
run: |
sudo apt-get update
sudo apt-get install -y gettext libgconf-2-4
- name: Install Playwright
run: npm run playwright:install
- name: Preroll
run: |
npm run build
python network-api/manage.py collectstatic --no-input --verbosity 0
python network-api/manage.py migrate --no-input
python network-api/manage.py block_inventory
python network-api/manage.py load_fake_data
- name: Integration Tests
run: npm run playwright:ci