Upgrade flatted to resolve CVE-2026-33228 (#272) #338
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # Modifications Copyright (c) 2025 Ctrl IQ, Inc. | |
| name: Build/Push Development Images | |
| env: | |
| LC_ALL: "C.UTF-8" # prevent ERROR: Ansible could not initialize the preferred locale: unsupported locale setting | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| # - release_* | |
| - feature_* | |
| jobs: | |
| push-development-images: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 120 | |
| permissions: | |
| packages: write | |
| contents: read | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| build-targets: | |
| - image-name: awx_devel | |
| make-target: docker-compose-buildx | |
| #- image-name: awx_kube_devel | |
| # make-target: awx-kube-dev-buildx | |
| #- image-name: awx | |
| # make-target: awx-kube-buildx | |
| steps: | |
| - name: Skipping build of Ascender image for non-Ascender repository | |
| run: | | |
| echo "Skipping build of Ascender image for non-Ascender repository" | |
| exit 0 | |
| if: matrix.build-targets.image-name == 'awx' && !endsWith(github.repository, '/ascender') | |
| - name: Checkout ascender | |
| uses: actions/checkout@v3 | |
| with: | |
| path: ascender | |
| ref: main | |
| - name: Get python version from Makefile | |
| run: echo py_version=`make PYTHON_VERSION` >> $GITHUB_ENV | |
| - name: Install python ${{ env.py_version }} | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.py_version }} | |
| # Downgrade requests to fix https://github.com/docker/docker-py/issues/3256 | |
| - name: Install playbook dependencies | |
| run: | | |
| python3 -m pip install docker==6.1.3 requests==2.31.0 --force-reinstall | |
| - name: Get current date | |
| id: date | |
| uses: Kaven-Universe/github-action-current-date-time@v1 | |
| - uses: benjlevesque/short-sha@v3.0 | |
| id: short-sha | |
| with: | |
| length: 6 | |
| - name: Build Ascender Devel Image | |
| working-directory: ascender | |
| run: | | |
| ansible-playbook -v tools/ansible/build.yml \ | |
| -e registry=ghcr.io \ | |
| -e registry_username=${{ github.actor }} \ | |
| -e registry_password=${{ secrets.GITHUB_TOKEN }} \ | |
| -e awx_image=${{ github.repository }}_devel \ | |
| -e awx_version=${{ steps.date.outputs.year }}.${{ steps.date.outputs.month }}.${{ steps.date.outputs.day }}+git${{ steps.short-sha.outputs.sha }} \ | |
| -e ansible_python_interpreter=$(which python3) \ | |
| -e push=yes \ | |
| -e awx_official=no |