Skip to content

update soot to 4.6.0. Trim unwanted commons-io and csv packages (#93) #235

update soot to 4.6.0. Trim unwanted commons-io and csv packages (#93)

update soot to 4.6.0. Trim unwanted commons-io and csv packages (#93) #235

Workflow file for this run

name: Upload Container image
on:
push:
branches:
- main
tags:
- 'v*'
workflow_dispatch: # allow to manually trigger this workflow
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: false
env:
REGISTRY: ghcr.io
IMAGE_NAME: appthreat/chen-platform
jobs:
deploy:
if: github.repository_owner == 'appthreat'
runs-on: ubuntu-latest
permissions:
contents: write
packages: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '21'
- uses: sbt/setup-sbt@v1
- name: "Install PHP"
uses: "shivammathur/setup-php@v2"
with:
coverage: "none"
php-version: "8.3"
tools: composer:v2
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: '22.x'
- name: Trim CI agent
run: |
chmod +x ci/free_disk_space.sh
./ci/free_disk_space.sh
- name: Delete `.rustup` directory
run: rm -rf /home/runner/.rustup # to save disk space
if: runner.os == 'Linux'
- name: Delete `.cargo` directory # to save disk space
run: rm -rf /home/runner/.cargo
if: runner.os == 'Linux'
- uses: actions/cache@v4
with:
path: |
~/.sbt
~/.coursier
key: ${{ runner.os }}-sbt-${{ hashfiles('**/build.sbt') }}
- run: |
sbt stage createDistribution
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SCALAPY_PYTHON_LIBRARY: "python3.12"
- name: Export python requirements
run: |
python3.12 -m pip install --upgrade pip
python3.12 -m pip install poetry
python3.12 -m poetry export -f requirements.txt --with=science --without-hashes --output target/chen-science-requirements.txt
python3.12 -m poetry export -f requirements.txt --with=database --without-hashes --output target/chen-database-requirements.txt
- name: Upload chen to ghcr
run: |
cd target
echo $GITHUB_TOKEN | oras login ghcr.io -u $GITHUB_USERNAME --password-stdin
oras push ghcr.io/$IMAGE_NAME:v2 \
--annotation-file ../ci/annotations.json \
./chen.zip:application/vnd.appthreat.chen.layer.v1+tar \
./chen-science-requirements.txt:application/vnd.appthreat.chen.layer.v1+tar \
./chen-database-requirements.txt:application/vnd.appthreat.chen.layer.v1+tar
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_USERNAME: ${{ github.actor }}
- name: Setup nydus
run: |
curl -LO https://github.com/dragonflyoss/nydus/releases/download/v2.2.4/nydus-static-v2.2.4-linux-amd64.tgz
tar -xvf nydus-static-v2.2.4-linux-amd64.tgz
chmod +x nydus-static/*
mv nydus-static/* /usr/local/bin/
rm -rf nydus-static-v2.2.4-linux-amd64.tgz nydus-static
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/appthreat/chen
- name: Build and push Docker images
uses: docker/build-push-action@v5
with:
file: ci/Dockerfile
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha,scope=chen
cache-to: type=gha,mode=max,scope=chen
- name: nydusify
run: |
nydusify convert --oci --oci-ref --source ${{ steps.meta.outputs.tags }} --target ${{ steps.meta.outputs.tags }}-nydus --prefetch-dir /opt
nydusify check --target ${{ steps.meta.outputs.tags }}-nydus
if: github.ref == 'refs/heads/main'
continue-on-error: true