Bring back k8s manifest scanning

It appears, the issue we had in the past got fixed
podkrepi-bg · Mar 15, 2024 · e20044f · e20044f
1 parent fa6c088
commit e20044f
Show file tree

Hide file tree

Showing 2 changed files with 58 additions and 58 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -89,34 +89,34 @@ jobs:
         with:
           image: ghcr.io/podkrepi-bg/frontend:${{ env.VERSION }}
 
-#  scan-manifests:
-#    name: Scan k8s manifests
-#    runs-on: ubuntu-latest
-#    steps:
-#      - uses: actions/checkout@v4
-#
-#      - name: Install kustomize
-#        uses: imranismail/setup-kustomize@v2
-#
-#      - name: Build development manifests
-#        run: kustomize build manifests/overlays/development > dev-manifests.yaml
-#
-#      - name: Scan development manifests with Mondoo
-#        uses: mondoohq/actions/k8s-manifest@main
-#        env:
-#          MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }}
-#        with:
-#          path: dev-manifests.yaml
-#
-#      - name: Build production manifests
-#        run: kustomize build manifests/overlays/production > prod-manifests.yaml
-#
-#      - name: Scan production manifests with Mondoo
-#        uses: mondoohq/actions/k8s-manifest@main
-#        env:
-#          MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }}
-#        with:
-#          path: prod-manifests.yaml
+ scan-manifests:
+   name: Scan k8s manifests
+   runs-on: ubuntu-latest
+   steps:
+     - uses: actions/checkout@v4
+
+     - name: Install kustomize
+       uses: imranismail/setup-kustomize@v2
+
+     - name: Build development manifests
+       run: kustomize build manifests/overlays/development > dev-manifests.yaml
+
+     - name: Scan development manifests with Mondoo
+       uses: mondoohq/actions/k8s-manifest@main
+       env:
+         MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }}
+       with:
+         path: dev-manifests.yaml
+
+     - name: Build production manifests
+       run: kustomize build manifests/overlays/production > prod-manifests.yaml
+
+     - name: Scan production manifests with Mondoo
+       uses: mondoohq/actions/k8s-manifest@main
+       env:
+         MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }}
+       with:
+         path: prod-manifests.yaml
 
   run-playwright:
     name: Run Playwright

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -71,36 +71,36 @@ jobs:
         with:
           image: ghcr.io/podkrepi-bg/maintenance:pr
 
-#  scan-manifests:
-#    name: Scan k8s manifests
-#    runs-on: ubuntu-latest
-#    steps:
-#      - uses: actions/checkout@v4
-#        with:
-#          ref: ${{ github.event.pull_request.head.sha }}
-#
-#      - name: Install kustomize
-#        uses: imranismail/setup-kustomize@v2
-#
-#      - name: Build development manifests
-#        run: kustomize build manifests/overlays/development > dev-manifests.yaml
-#
-#      - name: Scan development manifests with Mondoo
-#        uses: mondoohq/actions/k8s-manifest@main
-#        env:
-#          MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }}
-#        with:
-#          path: dev-manifests.yaml
-#
-#      - name: Build production manifests
-#        run: kustomize build manifests/overlays/production > prod-manifests.yaml
-#
-#      - name: Scan production manifests with Mondoo
-#        uses: mondoohq/actions/k8s-manifest@main
-#        env:
-#          MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }}
-#        with:
-#          path: prod-manifests.yaml
+ scan-manifests:
+   name: Scan k8s manifests
+   runs-on: ubuntu-latest
+   steps:
+     - uses: actions/checkout@v4
+       with:
+         ref: ${{ github.event.pull_request.head.sha }}
+
+     - name: Install kustomize
+       uses: imranismail/setup-kustomize@v2
+
+     - name: Build development manifests
+       run: kustomize build manifests/overlays/development > dev-manifests.yaml
+
+     - name: Scan development manifests with Mondoo
+       uses: mondoohq/actions/k8s-manifest@main
+       env:
+         MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }}
+       with:
+         path: dev-manifests.yaml
+
+     - name: Build production manifests
+       run: kustomize build manifests/overlays/production > prod-manifests.yaml
+
+     - name: Scan production manifests with Mondoo
+       uses: mondoohq/actions/k8s-manifest@main
+       env:
+         MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }}
+       with:
+         path: prod-manifests.yaml
 
   run-playwright:
     name: Run Playwright