chore(deps-dev): update aquasecurity/trivy-action action to v0.25.0 #1230
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: pr-build | |
| on: | |
| pull_request: | |
| types: | |
| - opened | |
| - synchronize | |
| - reopened | |
| permissions: {} | |
| jobs: | |
| lint-chart: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Helm | |
| uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 #v3.5 | |
| with: | |
| version: v3.4.0 | |
| - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 | |
| with: | |
| python-version: 3.7 | |
| - name: Set up chart-testing | |
| uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 | |
| - name: Run chart-testing (list-changed) | |
| id: list-changed | |
| run: | | |
| changed=$(ct list-changed --target-branch=master --chart-dirs chart) | |
| if [[ -n "$changed" ]]; then | |
| echo "::set-output name=changed::true" | |
| fi | |
| - name: Run chart-testing (lint) | |
| run: ct lint --target-branch=master --chart-dirs chart --check-version-increment=false | |
| fmt: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
| with: | |
| go-version: 1.22.x | |
| - name: fmt | |
| run: make fmt | |
| - name: vet | |
| run: make vet | |
| - name: lint | |
| run: make lint | |
| - name: Check if working tree is dirty | |
| run: | | |
| if [[ $(git diff --stat) != '' ]]; then | |
| git --no-pager diff | |
| echo 'run <make test> and commit changes' | |
| exit 1 | |
| fi | |
| test: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| kubernetes-version: | |
| - "1.27" | |
| - "1.28" | |
| - "1.29" | |
| - "1.30" | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
| with: | |
| go-version: 1.22.x | |
| - name: run test | |
| run: make test ENVTEST_K8S_VERSION=${{ matrix.kubernetes-version }} | |
| build: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| profiles: ${{ steps.profiles.outputs.matrix }} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
| with: | |
| go-version: 1.22.x | |
| - name: build | |
| run: make build | |
| - name: Check if working tree is dirty | |
| run: | | |
| if [[ $(git diff --stat) != '' ]]; then | |
| git --no-pager diff | |
| echo 'run <make test> and commit changes' | |
| exit 1 | |
| fi | |
| - name: Build container image | |
| run: | | |
| make docker-build | |
| - name: Create image tarball | |
| run: | | |
| docker save --output growthbook-controller-container.tar growthbook-controller:latest | |
| - name: Upload image | |
| uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1 | |
| with: | |
| name: growthbook-controller-container | |
| path: growthbook-controller-container.tar | |
| - id: profiles | |
| name: Determine test profiles | |
| run: | | |
| profiles=$(ls config/tests/cases | jq -R -s -c 'split("\n")[:-1]') | |
| echo $profiles | |
| echo "::set-output name=matrix::$profiles" | |
| e2e-tests: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| strategy: | |
| matrix: | |
| profile: ${{ fromJson(needs.build.outputs.profiles) }} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
| with: | |
| go-version: 1.22.x | |
| - name: Setup Kubernetes | |
| uses: engineerd/setup-kind@aa272fe2a7309878ffc2a81c56cfe3ef108ae7d0 #v0.5.0 | |
| with: | |
| version: v0.17.0 | |
| - name: Download growthbook-controller container | |
| uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
| with: | |
| name: growthbook-controller-container | |
| path: /tmp | |
| - name: Load images | |
| run: | | |
| docker load --input /tmp/growthbook-controller-container.tar | |
| docker image ls -a | |
| - name: Setup Kustomize | |
| uses: imranismail/setup-kustomize@2ba527d4d055ab63514ba50a99456fc35684947f # v2.1.0 | |
| - name: Run test | |
| run: | | |
| make kind-test TEST_PROFILE=${{ matrix.profile }} | |
| - name: Debug failure | |
| if: failure() | |
| run: | | |
| kubectl -n kube-system describe pods | |
| kubectl -n growthbook-system describe pods | |
| kubectl -n growthbook-system get all | |
| kubectl -n growthbook-system logs deploy/growthbook-controller | |
| kubectl -n growthbook-system get growthbookinstance -o yaml | |
| test-chart: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - lint-chart | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Helm | |
| uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 #v3.5 | |
| - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 | |
| with: | |
| python-version: 3.7 | |
| - name: Set up chart-testing | |
| uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 | |
| - name: Create kind cluster | |
| uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 | |
| - name: Download growthbook-controller container | |
| uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
| with: | |
| name: growthbook-controller-container | |
| path: /tmp | |
| - name: Load image | |
| run: | | |
| docker load --input /tmp/growthbook-controller-container.tar | |
| docker tag growthbook-controller:latest ghcr.io/doodlescheduling/growthbook-controller:v0.0.0 | |
| kind load docker-image ghcr.io/doodlescheduling/growthbook-controller:v0.0.0 --name chart-testing | |
| docker image ls -a | |
| - name: Run chart-testing (install) | |
| run: ct install --target-branch=master --chart-dirs chart | |
| test-success: | |
| runs-on: ubuntu-latest | |
| needs: [test, e2e-tests] | |
| steps: | |
| - run: echo "all tests succeeded" |