mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity

chore: simplify images build workflow (#6025)

Browse source 
* chore: simplify images build workflow

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché 2023-01-18 18:09:37 +01:00 committed by GitHub
parent 7a9bf1feed
commit 2785827e77
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 99 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

99
.github/workflows/image-build.yaml vendored
View file

@ -1,99 +0,0 @@
name: image-build
on:
push:
branches:
- 'main'
- 'release*'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
packages: write
id-token: write
jobs:
pre-checks:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Setup build env
uses: ./.github/actions/setup-build-env
- name: gofmt check
run: |
if [ "$(gofmt -s -l . | wc -l)" -ne 0 ]
then
echo "The following files were found to be not go formatted:"
gofmt -s -l .
echo "Please run 'make fmt' to go format the above files."
exit 1
fi
- name: goimports
run: |
if [ "$(goimports -l . | wc -l)" -ne 0 ]
then
echo "The following files were found to have import formatting issues:"
goimports -l -l .
echo "Please run 'make fmt' to go format the above files."
exit 1
fi
- name: golangci-lint
uses: reviewdog/action-golangci-lint@53f8eabb87b40b1a2c63ec75b0d418bd0f4aa919 # v2.2.2
- name: Checking unused pkgs using go mod tidy
run: |
make unused-package-check
build-init-kyverno:
runs-on: ubuntu-latest
needs: pre-checks
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Setup build env
uses: ./.github/actions/setup-build-env
- name: ko build
run: make ko-build-kyvernopre
build-kyverno:
runs-on: ubuntu-latest
needs: pre-checks
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Setup build env
uses: ./.github/actions/setup-build-env
- name: ko build
run: make ko-build-kyverno
- name: Trivy Scan Image
uses: aquasecurity/trivy-action@9ab158e8597f3b310480b9a69402b419bc03dbd5
with:
scan-type: 'fs'
ignore-unfixed: true
format: 'sarif'
output: 'trivy-results.sarif'
severity: 'CRITICAL,HIGH'
build-kyverno-cleanup-controller:
runs-on: ubuntu-latest
needs: pre-checks
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Setup build env
uses: ./.github/actions/setup-build-env
- name: ko build
run: make ko-build-cleanup-controller
build-kyverno-cli:
runs-on: ubuntu-latest
needs: pre-checks
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Setup build env
uses: ./.github/actions/setup-build-env
- name: ko build
run: make ko-build-cli

35
.github/workflows/images-build.yaml vendored Normal file
View file

@ -0,0 +1,35 @@
name: Build images
on:
push:
branches:
- 'main'
- 'release*'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
jobs:
build-images:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Setup build env
uses: ./.github/actions/setup-build-env
with:
build-cache-key: build-images
- name: ko build
run: make ko-build-all
- name: Trivy Scan Image
uses: aquasecurity/trivy-action@9ab158e8597f3b310480b9a69402b419bc03dbd5 # v0.8.0
with:
scan-type: 'fs'
ignore-unfixed: true
format: 'sarif'
output: 'trivy-results.sarif'
severity: 'CRITICAL,HIGH'