name: build on: push: branches: - 'main' pull_request: branches: - 'main' jobs: pre-checks: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v2 - name: Unshallow run: git fetch --prune --unshallow - name: Set up Go uses: actions/setup-go@v2 with: go-version: 1.16 - name: Cache Go modules uses: actions/cache@v1 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- - name: gofmt check run: | if [ "$(gofmt -s -l . | wc -l)" -ne 0 ] then echo "The following files were found to be not go formatted:" gofmt -s -l . echo "Please run 'make fmt' to go format the above files." exit 1 fi - name: goimports run: | if [ "$(goimports -l . | wc -l)" -ne 0 ] then echo "The following files were found to have import formatting issues:" goimports -l -l . echo "Please run 'make fmt' to go format the above files." exit 1 fi - name: golangci-lint uses: reviewdog/action-golangci-lint@v1 - name: Checking unused pkgs using go mod tidy run: | make unused-package-check build-init-kyverno: runs-on: ubuntu-latest needs: pre-checks steps: - name: Checkout uses: actions/checkout@v2 - name: Unshallow run: git fetch --prune --unshallow - name: Set up Go uses: actions/setup-go@v2 with: go-version: 1.16 - name: Cache Go modules uses: actions/cache@v1 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 id: buildx with: install: true - name: docker images build run: | make docker-build-initContainer build-kyverno: runs-on: ubuntu-latest needs: pre-checks steps: - name: Checkout uses: actions/checkout@v2 - name: Unshallow run: git fetch --prune --unshallow - name: Set up Go uses: actions/setup-go@v2 with: go-version: 1.16 - name: Cache Go modules uses: actions/cache@v1 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 id: buildx with: install: true - name: docker images build run: | make docker-build-kyverno - name: Trivy Scan Image uses: aquasecurity/trivy-action@master with: scan-type: 'fs' format: 'table' exit-code: '1' ignore-unfixed: true vuln-type: 'os,library' severity: 'CRITICAL,HIGH' build-kyverno-cli: runs-on: ubuntu-latest needs: pre-checks steps: - name: Checkout uses: actions/checkout@v2 - name: Unshallow run: git fetch --prune --unshallow - name: Set up Go uses: actions/setup-go@v2 with: go-version: 1.16 - name: Cache Go modules uses: actions/cache@v1 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 id: buildx with: install: true - name: docker images build run: | make docker-build-cli tests: runs-on: ubuntu-latest needs: pre-checks steps: - name: Checkout uses: actions/checkout@v2 - name: Unshallow run: git fetch --prune --unshallow - name: Set up Go uses: actions/setup-go@v2 with: go-version: 1.16 - name: Cache Go modules uses: actions/cache@v1 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- - name: Kyverno unit test run: | export PROJECT_PATH=$(pwd) make test-unit