mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-09 17:37:12 +00:00
Code Activity
kyverno/.github/workflows/devcontainer-build.yaml

31 lines
750 B
YAML
Raw Normal View History

feat: adds ci test for building devcontainer image (#8672) * feat: adds ci test for building devcontainer image Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * nit: update name of gh action Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: tweak on variable Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
2023-10-17 20:11:57 +05:30
name: Build devcontainer
permissions: {}
on:
pull_request:
branches:
- 'main'
- 'release*'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
devcontainer-build:
runs-on: ubuntu-latest
steps:
- name: Checkout
chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 (#8680) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-25 04:29:31 +00:00
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
feat: adds ci test for building devcontainer image (#8672) * feat: adds ci test for building devcontainer image Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * nit: update name of gh action Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: tweak on variable Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
2023-10-17 20:11:57 +05:30
- name: Build devcontainer image
run: docker build .devcontainer
- name: Trivy Scan Image
chore(deps): bump aquasecurity/trivy-action from 0.13.1 to 0.15.0 (#9078) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.13.1 to 0.15.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.13.1...22d2755f774d925b191a185b74e782a4b0638a41) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 17:42:34 +00:00
uses: aquasecurity/trivy-action@22d2755f774d925b191a185b74e782a4b0638a41 # v0.15.0
feat: adds ci test for building devcontainer image (#8672) * feat: adds ci test for building devcontainer image Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * nit: update name of gh action Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: tweak on variable Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
2023-10-17 20:11:57 +05:30
with:
scan-type: 'fs'
ignore-unfixed: true
format: 'sarif'
output: 'trivy-results.sarif'
severity: 'CRITICAL,HIGH'
Copy permalink