Skip to content

fix(connector-fabric): address CVEs: CVE-2022-21190, CVE-2021-3918 #1616

fix(connector-fabric): address CVEs: CVE-2022-21190, CVE-2021-3918

fix(connector-fabric): address CVEs: CVE-2022-21190, CVE-2021-3918 #1616

# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: CC-BY-4.0
name: Test All Docker Images Build
env:
NODEJS_VERSION: v18.18.2
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
check_code_changed:
outputs:
relay_changed: ${{ steps.changes.outputs.relay_changed }}
fabric_driver_changed: ${{ steps.changes.outputs.fabric_driver_changed }}
corda_driver_changed: ${{ steps.changes.outputs.corda_driver_changed }}
iin_agent_changed: ${{ steps.changes.outputs.iin_agent_changed }}
runs-on: ubuntu-latest
steps:
- uses: actions/[email protected]
- uses: dorny/[email protected]
id: changes
with:
filters: |
relay_changed:
- './weaver/common/protos-rs/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- './weaver/core/relay/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- '.github/workflows/test_weaver-docker-build.yaml'
fabric_driver_changed:
- './weaver/common/protos/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- './weaver/common/protos-js/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- './weaver/sdks/fabric/interoperation-node-sdk/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- './weaver/weaver/core/drivers/fabric-driver/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- '.github/workflows/test_weaver-docker-build.yaml'
corda_driver_changed:
- './weaver/common/protos/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- './weaver/common/protos-java-kt/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- './weaver/core/network/corda-interop-app/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- './weaver/sdks/corda/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- './weaver/core/drivers/corda-driver/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- '.github/workflows/test_weaver-docker-build.yaml'
iin_agent_changed:
- './weaver/common/protos/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- './weaver/common/protos-js/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- './weaver/sdks/fabric/interoperation-node-sdk/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- './weaver/core/identity-management/iin-agent/**!(*.md|*.css|*.html|*.jpg|*.jpeg|*.png)'
- '.github/workflows/test_weaver-docker-build.yaml'
build_docker_relay:
needs: check_code_changed
if: needs.check_code_changed.outputs.relay_changed == 'true'
# if: ${{ false }}
runs-on: ubuntu-latest
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/[email protected]
- name: Build Image
run: make build-server-local
working-directory: weaver/core/relay
build_docker_fabric_driver_local:
needs: check_code_changed
if: needs.check_code_changed.outputs.fabric_driver_changed == 'true'
# if: ${{ false }}
runs-on: ubuntu-latest
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/[email protected]
- name: Use Node.js ${{ env.NODEJS_VERSION }}
uses: actions/[email protected]
with:
node-version: ${{ env.NODEJS_VERSION }}
- name: Use Protoc 3.15
run: |
curl -LO https://github.com/protocolbuffers/protobuf/releases/download/v3.15.6/protoc-3.15.6-linux-x86_64.zip
unzip protoc-3.15.6-linux-x86_64.zip -d protoc
- name: Build JS Protos (Local)
run: |
export PATH="$PATH:${GITHUB_WORKSPACE}/protoc/bin"
make build
working-directory: weaver/common/protos-js
- name: Build Fabric Interop Node SDK (Local)
run: make build-local
working-directory: weaver/sdks/fabric/interoperation-node-sdk
- name: Build Image (Local)
run: make build-image-local
working-directory: weaver/core/drivers/fabric-driver
build_docker_fabric_driver_packages:
needs: check_code_changed
if: ${{ false && needs.check_code_changed.outputs.fabric_driver_changed == 'true' }}
runs-on: ubuntu-latest
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/[email protected]
- name: Setup .npmrc
run: |
cp .npmrc.template .npmrc
sed -i "s/<personal-access-token>/${{ secrets.GITHUB_TOKEN }}/g" .npmrc
cat .npmrc
working-directory: weaver/core/drivers/fabric-driver
- name: Build Image
run: make build-image
working-directory: weaver/core/drivers/fabric-driver
build_docker_corda_driver_local:
needs: check_code_changed
if: needs.check_code_changed.outputs.corda_driver_changed == 'true'
runs-on: ubuntu-latest
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/[email protected]
- name: Set up JDK 8
uses: actions/[email protected]
with:
java-version: '8'
distribution: 'adopt'
- name: Build Protos (Local)
run: make build
working-directory: weaver/common/protos-java-kt
- name: Build Corda Interop App (Local)
run: make build-local
working-directory: weaver/core/network/corda-interop-app
- name: Build Corda Interop SDK (Local)
run: make build
working-directory: weaver/sdks/corda
- name: Build Image (Local)
run: make image-local
working-directory: weaver/core/drivers/corda-driver
build_docker_corda_driver_packages:
needs: check_code_changed
if: ${{ false && needs.check_code_changed.outputs.corda_driver_changed == 'true' }}
runs-on: ubuntu-latest
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/[email protected]
- name: Generate github.properties
run: |
echo "Using ${GITHUB_ACTOR} user."
echo "username=${GITHUB_ACTOR}" >> github.properties
echo "password=${{ secrets.GITHUB_TOKEN }}" >> github.properties
echo "url=https://maven.pkg.github.com/${GITHUB_ACTOR}/cacti" >> github.properties
echo "Using ${GITHUB_ACTOR} user."
echo "username=${GITHUB_ACTOR}" >> github.main.properties
echo "password=${{ secrets.GITHUB_TOKEN }}" >> github.main.properties
echo "url=https://maven.pkg.github.com/hyperledger/cacti" >> github.main.properties
make build || mv github.main.properties github.properties
make clean
cat github.properties
working-directory: weaver/core/drivers/corda-driver
- name: Build Image
run: make image
working-directory: weaver/core/drivers/corda-driver
build_docker_iin_agent_local:
needs: check_code_changed
if: needs.check_code_changed.outputs.iin_agent_changed == 'true'
runs-on: ubuntu-latest
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/[email protected]
- name: Use Node.js ${{ env.NODEJS_VERSION }}
uses: actions/[email protected]
with:
node-version: ${{ env.NODEJS_VERSION }}
- name: Use Protoc 3.15
run: |
curl -LO https://github.com/protocolbuffers/protobuf/releases/download/v3.15.6/protoc-3.15.6-linux-x86_64.zip
unzip protoc-3.15.6-linux-x86_64.zip -d protoc
- name: Build JS Protos (Local)
run: |
export PATH="$PATH:${GITHUB_WORKSPACE}/protoc/bin"
make build
working-directory: weaver/common/protos-js
- name: Build Fabric Interop Node SDK (Local)
run: make build-local
working-directory: weaver/sdks/fabric/interoperation-node-sdk
- name: Build Image
run: make build-image-local
working-directory: weaver/core/identity-management/iin-agent