fix(docker): handle Kubernetes service-link port env #13
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Security | |
| # Runs the offline Docker-server security suite: behavioral tests for the | |
| # secure-by-default posture (R1-R7). No network, browser, Redis or Docker needed | |
| # - it boots the app via TestClient and monkeypatches DNS, so it is fast | |
| # (~seconds) and deterministic. | |
| on: | |
| push: | |
| branches: [main, develop, "security/**"] | |
| paths: | |
| - "deploy/docker/**" | |
| - "crawl4ai/async_configs.py" | |
| - ".github/workflows/security.yml" | |
| pull_request: | |
| paths: | |
| - "deploy/docker/**" | |
| - "crawl4ai/async_configs.py" | |
| - ".github/workflows/security.yml" | |
| jobs: | |
| security-offline: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.10" | |
| cache: pip | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -e . | |
| pip install -r deploy/docker/requirements.txt | |
| pip install pytest pytest-asyncio | |
| - name: Run security suite | |
| run: | | |
| pytest deploy/docker/tests/test_security_*.py -q | |
| posture-gate: | |
| # The headline secure-by-default acceptance gate, isolated so it can be a | |
| # required status check. xfail-marked items (e.g. the build-gated | |
| # --no-sandbox removal) do not fail this job. | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.10" | |
| cache: pip | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -e . | |
| pip install -r deploy/docker/requirements.txt | |
| pip install pytest pytest-asyncio | |
| - name: Default-posture gate | |
| run: | | |
| pytest deploy/docker/tests/test_security_default_posture.py -q |