Skip to content
This repository has been archived by the owner on Jul 10, 2024. It is now read-only.

[hotfix] fix security risk of SQL injection #3323

[hotfix] fix security risk of SQL injection

[hotfix] fix security risk of SQL injection #3323

Workflow file for this run

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Submarine
# Trigger the workflow on push or pull request
on: [push, pull_request]
env:
VERSION: "0.9.0-SNAPSHOT"
BUILD_FLAG: "clean install -ntp -DskipTests -am"
TEST_FLAG: "test -DskipRat -ntp"
jobs:
generate-k8s-versions-array:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
# Version updates for k8s can be found at https://kubernetes.io/releases/patch-releases/ or
# https://kubernetes.io/releases/
# We mainly support the last 3-4 releases of kubernetes
steps:
- id: set-matrix
run: |
echo "::set-output name=matrix::[\"v1.22.17\", \"v1.23.17\", \"v1.24.12\", \"v1.25.3\"]"
submarine-operator-verify:
runs-on: ubuntu-latest
timeout-minutes: 10
env:
working-directory: "github.com/apache/submarine"
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
path: ${{ env.working-directory }}
- name: Setup Golang 1.17.2
uses: actions/setup-go@v2
with:
go-version: "1.17.2"
- name: Check golang version
working-directory: ${{ env.working-directory }}/submarine-cloud-v3
run: go version
- name: Install Dependencies
working-directory: ${{ env.working-directory }}/submarine-cloud-v3
run: go mod vendor
- name: Verify Codegen
working-directory: ${{ env.working-directory }}/submarine-cloud-v3
run: ./hack/verify-codegen.sh
- name: Verify fmt and vet
working-directory: ${{ env.working-directory }}/submarine-cloud-v3
run: make fmt && make vet
submarine-operator-v3-e2e-test:
needs: generate-k8s-versions-array
runs-on: ubuntu-latest
timeout-minutes: 60
strategy:
matrix:
k8s-version: ${{fromJSON(needs.generate-k8s-versions-array.outputs.matrix)}}
fail-fast: false
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 1
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: "11"
- name: Set up Maven 3.6.3
uses: stCarolas/setup-maven@v4
with:
maven-version: 3.6.3
- name: Setup Golang 1.17.2
uses: actions/setup-go@v2
with:
go-version: "1.17.2"
- uses: actions/cache@v2
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Check version
run: |
mvn --version
java -version
go version
helm version
kind version
- name: Create kind cluster
run: kind create cluster --config ./.github/config/kind-config-kind.yaml --wait 3m --image kindest/node:${{ matrix.k8s-version }}
- name: Download Istio 1.17.1
run: |
curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.17.1 sh -
cd istio-1.17.1
echo "$PWD/bin" >> $GITHUB_PATH
- name: Install Istio
run: istioctl install -y --set values.global.proxy.resources.requests.cpu=10m
- name: Show K8s cluster information
run: |
kubectl cluster-info
kubectl version
kubectl get pods -n kube-system
echo "current-context:" $(kubectl config current-context)
echo "environment-kubeconfig:" ${KUBECONFIG}
- name: Build Image locally
run: |
.github/scripts/build-image-locally-v3.sh
- name: Install Golang Dependencies
working-directory: submarine-cloud-v3
run: go mod vendor
- name: Install Submarine operator
working-directory: submarine-cloud-v3
# run: make deploy
# GA env variable VERSION overrides the variable in makefile,
# which results in the wrong image name.
# Running commands manually instead.
run: |
cd config/manager
kustomize edit set image controller=apache/submarine:operator-0.9.0-SNAPSHOT
kustomize build ../default | kubectl apply -f -
- name: Install Helm Dependencies
run: |
sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/
sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
helm dependency update ./helm-charts/submarine
helm install --wait --set dev=true --set storageClass.provisioner=rancher.io/local-path --set storageClass.volumeBindingMode=WaitForFirstConsumer --set seldon-core-operator.istio.gateway=submarine-cloud-v3-system/seldon-gateway submarine ./helm-charts/submarine -n submarine-cloud-v3-system
- name: Run end-to-end test
working-directory: submarine-cloud-v3
run: go test ./controllers/ -v -ginkgo.v
- name: Failure status
run: |
kubectl describe nodes
kubectl get all -A
kubectl get events -A --sort-by='{.lastTimestamp}'
kubectl logs -l control-plane=controller-manager -n submarine-cloud-v3-system
kubectl logs -l app=notebook-controller -n submarine-cloud-v3-system
kubectl logs -l control-plane=kubeflow-training-operator -n submarine-cloud-v3-system
kubectl describe submarine -A
if: ${{ failure() }}
- name: Delete temporary build artifacts before caching
run: |
#Never cache local artifacts
rm -rf ~/.m2/repository/org/apache/submarine
if: always()
submarine-e2e:
runs-on: ubuntu-latest
timeout-minutes: 60
services:
mysql:
image: mysql:5.7
env:
MYSQL_ROOT_PASSWORD: "password"
ports:
- 3306:3306
# wait until mysql is health
options: --health-cmd "mysqladmin ping" --health-interval 10s --health-timeout 10s --health-retries 10
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 50
- name: Cache jacoco.exec
uses: actions/cache@v2
with:
path: ./submarine-test/test-e2e/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: "11"
- name: Set up Maven 3.6.3
uses: stCarolas/setup-maven@v4
with:
maven-version: 3.6.3
- name: Check version
run: |
mvn --version
java -version
chromedriver --version
python3 -V
- name: Prepare default mysql-data
run: |
pip install mysql-connector-python
python3 ./dev-support/database/init-database.py
- name: Build with Maven
run: |
echo ">>> mvn ${BUILD_FLAG} -B"
mvn ${BUILD_FLAG} -B
- name: Test
env:
TEST_FLAG: "verify -DskipRat -ntp"
TEST_MODULES: "-pl :submarine-test-e2e"
run: |
echo ">>> mvn ${TEST_FLAG} ${TEST_MODULES} -B"
mvn ${TEST_FLAG} ${TEST_MODULES} -B
submarine-k8s:
needs: generate-k8s-versions-array
runs-on: ubuntu-latest
timeout-minutes: 60
strategy:
matrix:
k8s-version: ${{fromJson(needs.generate-k8s-versions-array.outputs.matrix)}}
fail-fast: false
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 1
- name: Free Disk Space
run: bash ./.github/scripts/free-disk-space.sh
- name: Cache jacoco.exec
uses: actions/cache@v2
with:
path: ./submarine-test/test-k8s/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: "11"
- name: Set up Maven 3.6.3
uses: stCarolas/setup-maven@v4
with:
maven-version: 3.6.3
- uses: actions/cache@v2
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Check version
run: |
mvn --version
java -version
helm version
kind version
- name: Create kind cluster
run: kind create cluster --config ./.github/config/kind-config-kind.yaml --wait 3m --image kindest/node:${{ matrix.k8s-version }}
- name: Download Istio 1.17.1
run: |
curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.17.1 sh -
cd istio-1.17.1
echo "$PWD/bin" >> $GITHUB_PATH
- name: Install Istio
run: istioctl install -y --set values.global.proxy.resources.requests.cpu=10m
- name: Show K8s cluster information
run: |
kubectl cluster-info
kubectl version
kubectl get pods -n kube-system
echo "current-context:" $(kubectl config current-context)
echo "environment-kubeconfig:" ${KUBECONFIG}
- name: Build with Maven
run: |
echo ">>> mvn ${BUILD_FLAG} -B"
mvn ${BUILD_FLAG} -B
- name: Build Image locally
run: |
.github/scripts/build-image-locally-v3.sh
sh .github/scripts/build-image-experiment-prehandler.sh
- name: Start submarine
run: bash ./.github/scripts/start-submarine.sh
- name: Test
env:
TEST_FLAG: "verify -DskipRat -ntp"
TEST_MODULES: "-pl :submarine-test-k8s"
run: |
echo ">>> mvn ${TEST_FLAG} ${TEST_MODULES} -B"
mvn ${TEST_FLAG} ${TEST_MODULES} -B
- name: Failure status
run: |
kubectl describe nodes
kubectl get pods
kubectl -n default get events --sort-by='{.lastTimestamp}'
if: ${{ failure() }}
- name: Delete temporary build artifacts before caching
run: |
#Never cache local artifacts
rm -rf ~/.m2/repository/org/apache/submarine
if: always()
submarine-commons-runtime:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 50
- name: Cache jacoco.exec
uses: actions/cache@v2
with:
path: ./submarine-commons/commons-runtime/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: "11"
- name: Set up Maven 3.6.3
uses: stCarolas/setup-maven@v4
with:
maven-version: 3.6.3
- name: Check version
run: |
mvn --version
java -version
- name: Build
env:
MODULES: "-pl :submarine-commons-runtime"
run: |
echo ">>> mvn $BUILD_FLAG $MODULES -B"
mvn $BUILD_FLAG $MODULES -B
- name: Test
env:
TEST_MODULES: "-pl :submarine-commons-runtime"
run: |
echo ">>> mvn $TEST_FLAG $TEST_MODULES -B"
mvn $TEST_FLAG $TEST_MODULES -B
submarine-client:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 50
- name: Cache jacoco.exec
uses: actions/cache@v2
with:
path: ./submarine-client/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: "11"
- name: Set up Maven 3.6.3
uses: stCarolas/setup-maven@v4
with:
maven-version: 3.6.3
- name: Check version
run: |
mvn --version
java -version
- name: Build
env:
MODULES: "-pl :submarine-client"
run: |
echo ">>> mvn $BUILD_FLAG $MODULES -B"
mvn $BUILD_FLAG $MODULES -B
- name: Test
env:
TEST_MODULES: "-pl :submarine-client"
run: |
echo ">>> mvn $TEST_FLAG $TEST_MODULES -B"
mvn $TEST_FLAG $TEST_MODULES -B
submarine-server:
runs-on: ubuntu-latest
timeout-minutes: 30
services:
mysql:
image: mysql:5.7
env:
MYSQL_ROOT_PASSWORD: "password"
ports:
- 3306:3306
# wait until mysql is health
options: --health-cmd "mysqladmin ping" --health-interval 10s --health-timeout 10s --health-retries 10
minio:
image: bitnami/minio:2022.2.24
env:
MINIO_ACCESS_KEY: "submarine_minio"
MINIO_SECRET_KEY: "submarine_minio"
MINIO_DEFAULT_BUCKETS: "submarine"
ports:
- 9000:9000
# wait until minio is health
options: --health-cmd "curl http://localhost:9000/minio/health/live" --health-interval 10s --health-timeout 10s --health-retries 10
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 50
- name: Cache server-database jacoco.exec
uses: actions/cache@v2
with:
path: |
./submarine-server/server-database/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache server-core jacoco.exec
uses: actions/cache@v2
with:
path: |
./submarine-server/server-core/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache serve jacoco.exec
uses: actions/cache@v2
with:
path: |
./submarine-serve/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: "11"
- name: Set up Maven 3.6.3
uses: stCarolas/setup-maven@v4
with:
maven-version: 3.6.3
- name: Check version
run: |
mvn --version
java -version
- name: Prepare default mysql-data
run: |
python3 -V
sudo apt-get install python3-mysql.connector
python3 ./dev-support/database/init-database.py
- name: Build submarine-server-database
env:
MODULES: "-pl :submarine-server-database"
run: |
echo ">>> mvn $BUILD_FLAG $MODULES -B"
mvn $BUILD_FLAG $MODULES -B
- name: Test submarine-server-database
env:
TEST_MODULES: "-pl :submarine-server-database"
run: |
echo ">>> mvn $TEST_FLAG $TEST_MODULES -B"
mvn $TEST_FLAG $TEST_MODULES -B
- name: Build submarine-server-core
env:
MODULES: "-pl :submarine-server-core"
run: |
echo ">>> mvn $BUILD_FLAG $MODULES -B"
mvn $BUILD_FLAG $MODULES -B
- name: Test submarine-server-core
env:
TEST_MODULES: "-pl :submarine-server-core"
# TODO(cdmikechen) There are some databases that are hardcoded to cause data judgement anomalies,
# here is a temporary fix for this issue.
# This variable should be removed when SUBMARINE-1297 is resolved.
run: |
echo ">>> mvn $TEST_FLAG $TEST_MODULES -B"
export SUBMARINE_S3_ENDPOINT=http://localhost:9000 && export JDBC_URL="jdbc:mysql://127.0.0.1:3306/submarine_test?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&allowMultiQueries=true&failOverReadOnly=false&zeroDateTimeBehavior=convertToNull&useSSL=false&serverTimezone=UTC&useTimezone=true&useLegacyDatetimeCode=true"
mvn $TEST_FLAG $TEST_MODULES -B
- name: Build submarine-serve
env:
MODULES: "-pl :submarine-serve"
run: |
echo ">>> mvn $BUILD_FLAG $MODULES -B"
mvn $BUILD_FLAG $MODULES -B
- name: Test submarine-serve
env:
TEST_MODULES: "-pl :submarine-serve"
run: |
echo ">>> mvn $TEST_FLAG $TEST_MODULES -B"
mvn $TEST_FLAG $TEST_MODULES -B
submarine-workbench:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 50
- name: Set up Maven 3.6.3
uses: stCarolas/setup-maven@v4
with:
maven-version: 3.6.3
- name: Check version
run: |
mvn --version
- name: Maven Build
env:
MODULES: "-pl :submarine-workbench-web"
run: |
echo ">>> mvn $BUILD_FLAG $MODULES -B"
mvn $BUILD_FLAG $MODULES -B
- name: Test with chrome
working-directory: ./submarine-workbench/workbench-web
run: |
export NODE_OPTIONS=--openssl-legacy-provider
npm run test -- --no-watch --no-progress --browsers=ChromeHeadlessCI
- name: Test with firefox
working-directory: ./submarine-workbench/workbench-web
run: |
export NODE_OPTIONS=--openssl-legacy-provider
npm run test -- --no-watch --no-progress --browsers=FirefoxHeadless
submarine-workbench-v2:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 50
- uses: actions/setup-node@v3
with:
node-version: "14"
- name: Check version
run: node --version
- name: Install dependencies
working-directory: ./submarine-workbench-v2
run: yarn
- name: Run test
working-directory: ./submarine-workbench-v2
run: yarn test --run --coverage
submarine-submitter:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 50
- name: Cache submarine-server jacoco.exec
uses: actions/cache@v2
with:
path: |
./submarine-server/server-submitter/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache submitter-k8s jacoco.exec
uses: actions/cache@v2
with:
path: |
./submarine-server/server-submitter/submitter-k8s/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache submitter-k8s-agent jacoco.exec
uses: actions/cache@v2
with:
path: |
./submarine-server/server-submitter/submarine-k8s-agent/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: "11"
- name: Set up Maven 3.6.3
uses: stCarolas/setup-maven@v4
with:
maven-version: 3.6.3
- name: Check version
run: |
mvn --version
java -version
- name: Build
env:
MODULES: "-pl :submarine-server-submitter,:submarine-submitter-k8s,:submarine-k8s-agent,:submarine-k8s-utils"
run: |
echo ">>> mvn $BUILD_FLAG $MODULES -B"
mvn $BUILD_FLAG $MODULES -B
- name: Test
env:
# There are some `submitter-k8s` packages under the `submarine-server-submitter` that also needs to be tested
TEST_MODULES: "-pl :submarine-server-submitter,:submarine-submitter-k8s,:submarine-k8s-agent,:submarine-k8s-utils"
run: |
echo ">>> mvn $TEST_FLAG $TEST_MODULES -B"
export SUBMARINE_UID="dfea05c4-dbf2-43cc-833c-62ff329566a5"
mvn $TEST_FLAG $TEST_MODULES -B
rat:
name: Check License
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-java@v1
with:
java-version: "11"
- run: mvn org.apache.rat:apache-rat-plugin:check
linter:
name: Check Style
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@v2
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: "11"
- name: Set up Maven 3.6.3
uses: stCarolas/setup-maven@v4
with:
maven-version: 3.6.3
- name: Setup Golang 1.16.2
uses: actions/setup-go@v2
with:
go-version: "1.16.2"
- uses: actions/setup-node@v3
with:
node-version: "14"
- name: Check version
run: |
mvn --version
java -version
go version
node --version
- uses: actions/cache@v2
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Java Style
if: always()
run: ./dev-support/style-check/lint-java.sh
- name: Scala Style
if: always()
run: ./dev-support/style-check/lint-scala.sh
- name: Angular Style
if: always()
run: ./dev-support/style-check/lint-angular.sh
- name: Go Style
if: always()
run: ./dev-support/style-check/lint-go.sh
- name: React Style
if: always()
working-directory: ./submarine-workbench-v2
run: |
yarn add prettier@^2.6.2
yarn checkformat
sonarcloud-and-codecov:
name: SonarCloud and Codecov
runs-on: ubuntu-latest
needs:
- submarine-e2e
- submarine-k8s
- submarine-submitter
- submarine-server
- submarine-client
- submarine-commons-runtime
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Cache Maven packages
uses: actions/cache@v1
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Cache test-e2e data
uses: actions/cache@v2
with:
path: ./submarine-test/test-e2e/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache test-k8s data
uses: actions/cache@v2
with:
path: ./submarine-test/test-k8s/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache commons-cluster data
uses: actions/cache@v2
with:
path: ./submarine-commons/commons-cluster/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache commons-runtime data
uses: actions/cache@v2
with:
path: ./submarine-commons/commons-runtime/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache submarine-client data
uses: actions/cache@v2
with:
path: ./submarine-client/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache submarine-server-database data
uses: actions/cache@v2
with:
path: |
./submarine-server/server-database/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache submarine-server-core data
uses: actions/cache@v2
with:
path: |
./submarine-server/server-core/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache submarine-serve data
uses: actions/cache@v2
with:
path: |
./submarine-serve/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache submarine-submitter data
uses: actions/cache@v2
with:
path: |
./submarine-server/server-submitter/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache submarine-submitter-k8s data
uses: actions/cache@v2
with:
path: |
./submarine-server/server-submitter/submitter-k8s/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache submarine-k8s-agent data
uses: actions/cache@v2
with:
path: |
./submarine-server/server-submitter/submarine-k8s-agent/target/jacoco.exec
key: ${{ runner.os }}-docker-${{ github.sha }}
- name: Cache SonarCloud packages
uses: actions/cache@v1
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Set up Maven 3.6.3
uses: stCarolas/setup-maven@v4
with:
maven-version: 3.6.3
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: 11
- name: Build the project with JDK 11
run: mvn install -DskipTests
- name: Download artifacts
uses: actions/download-artifact@v2
with:
path: target/artifacts
- name: Calculate combined coverage
run: ./dev-support/cicd/coverage.sh
- name: Build and analyze with JDK 11 # sonar-maven-plugin only support JDK 11
if: github.repository == 'apache/submarine' && github.event_name == 'push' && github.ref == 'refs/heads/master'
run: mvn -B verify -DskipTests org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.host.url=https://sonarcloud.io -Dsonar.organization=apache -Dsonar.projectKey=apache_submarine
env:
SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage report to Codecov
uses: codecov/codecov-action@v3
with:
files: ./target/coverage/all.xml
- name: Delete temporary build artifacts before caching
run: |
#Never cache local artifacts
rm -rf ~/.m2/repository/org/apache/submarine
if: always()