FINERACT-1969 SQL Injection exception thrown even if no insecure stri… #2164
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Fineract Build & Test - PostgreSQL | |
on: [push, pull_request] | |
permissions: | |
contents: read | |
jobs: | |
build: | |
runs-on: ubuntu-22.04 | |
services: | |
postgresql: | |
image: postgres:16.4 | |
ports: | |
- 5432:5432 | |
env: | |
POSTGRES_USER: root | |
POSTGRES_PASSWORD: postgres | |
options: --health-cmd="pg_isready -q -d postgres -U root" --health-interval=5s --health-timeout=2s --health-retries=3 | |
mock-oauth2-server: | |
image: ghcr.io/navikt/mock-oauth2-server:2.1.9 | |
ports: | |
- 9000:9000 | |
env: | |
SERVER_PORT: 9000 | |
JSON_CONFIG: '{ "interactiveLogin": true, "httpServer": "NettyWrapper", "tokenCallbacks": [ { "issuerId": "auth/realms/fineract", "tokenExpiry": 120, "requestMappings": [{ "requestParam": "scope", "match": "fineract", "claims": { "sub": "mifos", "scope": [ "test" ] } } ] } ] }' | |
env: | |
TZ: Asia/Kolkata | |
DEVELOCITY_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
with: | |
fetch-depth: 0 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@2dfa2011c5b2a0f1489bf9e433881c92c1631f88 # v4 | |
with: | |
java-version: '17' | |
distribution: 'zulu' | |
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4 | |
with: | |
node-version: 16 | |
- name: Congfigure vega-cli | |
run: npm i -g vega-cli --unsafe | |
- name: Setup Gradle and Validate Wrapper | |
uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0 | |
with: | |
validate-wrappers: true | |
- name: Verify PostgreSQL connection | |
run: | | |
while ! pg_isready -d postgres -U root -h 127.0.0.1 -p 5432 ; do | |
sleep 1 | |
done | |
- name: Initialise databases | |
run: | | |
./gradlew --no-daemon -q createPGDB -PdbName=fineract_tenants | |
./gradlew --no-daemon -q createPGDB -PdbName=fineract_default | |
- name: Start LocalStack | |
env: | |
AWS_ENDPOINT_URL: http://localhost:4566 | |
AWS_ACCESS_KEY_ID: localstack | |
AWS_SECRET_ACCESS_KEY: localstack | |
AWS_REGION: us-east-1 | |
run: | | |
docker run -d --name localstack -p 4566:4566 -p 4510-4559:4510-4559 localstack/localstack:2.1 | |
sleep 10 | |
docker exec localstack awslocal s3api create-bucket --bucket fineract-reports | |
echo "LocalStack initialization complete" | |
- name: Install additional software | |
run: | | |
sudo apt-get update | |
sudo apt-get install ghostscript graphviz -y | |
- name: Build & Test | |
env: | |
AWS_ENDPOINT_URL: http://localhost:4566 | |
AWS_ACCESS_KEY_ID: localstack | |
AWS_SECRET_ACCESS_KEY: localstack | |
AWS_REGION: us-east-1 | |
FINERACT_REPORT_EXPORT_S3_ENABLED: true | |
FINERACT_REPORT_EXPORT_S3_BUCKET_NAME: fineract-reports | |
run: | | |
./gradlew --no-daemon --console=plain build -x cucumber -x test -x doc | |
./gradlew --no-daemon --console=plain cucumber -x :fineract-e2e-tests-runner:cucumber | |
./gradlew --no-daemon --console=plain test -x :twofactor-tests:test -x :oauth2-test:test :fineract-e2e-tests-runner:test -PdbType=postgresql | |
./gradlew --no-daemon --console=plain :twofactor-tests:test -PdbType=postgresql | |
./gradlew --no-daemon --console=plain :oauth2-tests:test -PdbType=postgresql | |
- name: Archive test results | |
if: always() | |
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4 | |
with: | |
name: test-results | |
path: | | |
build/reports/ | |
integration-tests/build/reports/ | |
twofactor-tests/build/reports/ | |
oauth2-tests/build/reports/ | |
- name: Archive server logs | |
if: always() | |
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4 | |
with: | |
name: server-logs | |
path: | | |
integration-tests/build/cargo/ | |
twofactor-tests/build/cargo/ | |
oauth2-tests/build/cargo/ |